mirror of https://github.com/webmproject/libwebp.git synced 2025-01-28 23:52:56 +01:00

Go to file

James Zern d49cfbb348 vp8l_enc,WriteImage: add missing error check

VP8LBitWriterFinish() may cause the VP8LBitWriter's buffer to be grown.
If that allocation fails, VP8LBitWriterNumBytes() will return a size
larger than the current allocation resulting in a heap overwrite of the
missing bytes.

==3531848==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61d000000880 at pc 0x556eddfa1007 bp 0x7ffe434c7a90 sp 0x7ffe434c7260
READ of size 2052 at 0x61d000000880 thread T0
    #0 0x556eddfa1006 in __asan_memcpy
    #1 0x556eddfeeccf in WebPMemoryWrite src/enc/picture_enc.c:220:5
    #2 0x556ede0f9f87 in WriteImage src/enc/vp8l_enc.c:1454:8

Found by Nallocfuzz (https://github.com/catenacyber/nallocfuzz).

Change-Id: Ib1c9454c2c51849b0ba58c5347e6bd5b02a12fbe

2023-06-15 15:09:10 -07:00

cmake

cmake,cosmetics: apply cmake-format

2023-05-30 12:14:28 -07:00

doc

doc/webp-container-spec: rm future codec comment

2023-05-26 15:48:31 -07:00

examples

img2webp: normalize help output

2023-03-17 15:37:55 -07:00

extras

bump version to 1.3.1

2023-06-01 18:56:12 -07:00

gradle/wrapper

update gradle to 6.1.1

2021-01-02 15:51:55 -08:00

imageio

Call png_get_channels() to see if image has alpha

2023-06-13 17:35:31 -07:00

infra

run_static_analysis.sh: fix scan-build archive path

2022-06-13 16:17:42 -07:00

autoconf: update ax_pthread.m4

2013-12-29 11:56:21 -05:00

man

img2webp: normalize help output

2023-03-17 15:37:55 -07:00

sharpyuv

bump version to 1.3.1

2023-06-01 18:56:12 -07:00

src

vp8l_enc,WriteImage: add missing error check

2023-06-15 15:09:10 -07:00

swig

Markdownify libwebp docs and reorganize them.

2022-02-15 15:31:56 +00:00

tests

fuzz_utils.h: lower kFuzzPxLimit w/ASan

2023-05-24 19:39:38 -07:00

webp_js

Merge "extras: WebpToSDL -> WebPToSDL" into main

2022-12-16 20:15:12 +00:00

.cmake-format.py

add .cmake-format.py

2023-05-30 13:54:06 -07:00

.gitattributes

update gradle to 6.1.1

2021-01-02 15:51:55 -08:00

.gitignore

.gitignore: add Android Studio & VS code dirs

2022-04-04 10:28:06 -07:00

.mailmap

update .mailmap

2023-06-01 17:13:21 -07:00

.pylintrc

presubmit: Add pylint-2.7 and .pylintrc

2021-10-12 01:01:14 +00:00

.style.yapf

Update yapf style from "chromium" to "yapf"

2023-02-23 18:10:53 -05:00

Android.mk

*/Android.mk: add a check for NDK_ROOT

2022-12-16 12:10:36 -08:00

AUTHORS

update AUTHORS

2023-06-01 17:13:22 -07:00

autogen.sh

build: just use autoreconf, avoid calling tools manually

2011-03-26 09:50:31 -07:00

build.gradle

sharpyuv: add SharpYuvGetCPUInfo

2022-10-26 13:07:01 -07:00

ChangeLog

update ChangeLog

2023-06-02 09:37:51 -07:00

CMakeLists.txt

cmake,emscripten: explicitly set stack size

2023-06-13 21:47:52 -07:00

codereview.settings

add codereview.settings

2018-11-07 19:12:35 -08:00

configure.ac

bump version to 1.3.1

2023-06-01 18:56:12 -07:00

CONTRIBUTING.md

CONTRIBUTING.md: add C style / cmake-format notes

2023-05-30 13:54:12 -07:00

COPYING

Initial commit

2010-09-30 09:55:07 -04:00

gradle.properties

Add gradle support

2016-05-24 15:35:20 +02:00

gradlew

update gradle to 6.1.1

2021-01-02 15:51:55 -08:00

gradlew.bat

update gradle to 6.1.1

2021-01-02 15:51:55 -08:00

iosbuild.sh

fix ios build scripts after sharpyuv dep added

2022-03-08 19:52:45 -08:00

Makefile.am

Make libwebp depend on libsharpyuv.

2022-03-04 11:35:03 +01:00

makefile.unix

sharpyuv: add SharpYuvGetCPUInfo

2022-10-26 13:07:01 -07:00

Makefile.vc

Makefile.vc: fix img2webp link w/dynamic cfg

2023-03-18 13:58:21 -07:00

NEWS

update NEWS

2023-06-02 09:31:46 -07:00

PATENTS

fix typo: constitutes -> constitute

2015-04-18 08:46:53 -07:00

PRESUBMIT.py

patch-check: detect duplicated files

2021-12-17 00:25:43 +00:00

README.md

bump version to 1.3.1

2023-06-01 18:56:12 -07:00

xcframeworkbuild.sh

xcframeworkbuild.sh: bump MACOSX_CATALYST_MIN_VERSION

2022-12-15 15:14:44 -08:00

README.md

WebP Codec

      __   __  ____  ____  ____
     /  \\/  \/  _ \/  _ )/  _ \
     \       /   __/  _  \   __/
      \__\__/\____/\_____/__/ ____  ___
            / _/ /    \    \ /  _ \/ _/
           /  \_/   / /   \ \   __/  \__
           \____/____/\_____/_____/____/v1.3.1

WebP codec is a library to encode and decode images in WebP format. This package contains the library that can be used in other programs to add WebP support, as well as the command line tools 'cwebp' and 'dwebp' to compress and decompress images respectively.

See https://developers.google.com/speed/webp for details on the image format.

The latest source tree is available at https://chromium.googlesource.com/webm/libwebp

It is released under the same license as the WebM project. See https://www.webmproject.org/license/software/ or the "COPYING" file for details. An additional intellectual property rights grant can be found in the file PATENTS.

Building

See the building documentation.

Encoding and Decoding Tools

The examples/ directory contains tools to encode and decode images and animations, view information about WebP images, and more. See the tools documentation.

APIs

See the APIs documentation, and API usage examples in the examples/ directory.

Bugs

Please report all bugs to the issue tracker: https://bugs.chromium.org/p/webp

Patches welcome! See how to contribute.

Discuss

Email: webp-discuss@webmproject.org

Web: https://groups.google.com/a/webmproject.org/group/webp-discuss

Languages

C 94.3%

C++ 1.4%

Shell 1.1%

CMake 1.1%

M4 1%

Other 1.1%