Bug 15909 - Public GIF image decoder can (still) corrupt memory on malformed GIFs
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Images
Version: 528+ (Nightly build)
Hardware: PC All
Importance: P2 Normal
Assignee: Nobody
Reported: 2007-11-08 15:44 PST by Peter Kasting
Modified: 2007-11-09 04:54 PST


Attachments
patch v1 (1.30 KB, patch)
2007-11-08 16:00 PST, Peter Kasting
mrowe: review+

Description Peter Kasting 2007-11-08 15:44:26 PST
Follow-on bug to bug 15778.

My original patch had an oversight; I didn't catch the case where an image had an excessively large frame with a nonzero Y-offset, which could still have caused a fault.

Simple patch coming shortly.
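
The failure mode in the description, as an added example (not WebKit's code and not the attached patch): a frame whose size alone fits the logical screen can still run past the end of the pixel buffer once its Y-offset is added. The struct, the function names, the one-byte-per-pixel buffer and the 100x100 sample values are all assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* GIF encodes screen size and frame position/size as unsigned 16-bit fields. */
struct gif_rect { uint16_t x, y, w, h; };

/* Hypothetical incomplete check: looks at the frame size but ignores its offset. */
static bool size_only_ok(uint16_t sw, uint16_t sh, struct gif_rect f)
{
    return f.w <= sw && f.h <= sh;
}

/* Offset-aware check; operands are widened so offset + size cannot wrap. */
static bool frame_fits(uint16_t sw, uint16_t sh, struct gif_rect f)
{
    return (uint32_t)f.x + f.w <= sw && (uint32_t)f.y + f.h <= sh;
}

/* Clip the frame to the screen so every row and column written is in bounds. */
static struct gif_rect clip_frame(uint16_t sw, uint16_t sh, struct gif_rect f)
{
    struct gif_rect c = { f.x, f.y, 0, 0 };
    if (f.x >= sw || f.y >= sh)
        return c;                     /* starts off-screen: nothing to draw */
    c.w = (uint16_t)(f.w < sw - f.x ? f.w : sw - f.x);
    c.h = (uint16_t)(f.h < sh - f.y ? f.h : sh - f.y);
    return c;
}

/* Fill the clipped frame into an sw*sh byte buffer; returns rows written. */
static unsigned draw_frame(uint8_t *buf, uint16_t sw, uint16_t sh,
                           struct gif_rect f, uint8_t v)
{
    struct gif_rect c = clip_frame(sw, sh, f);
    for (uint16_t row = 0; row < c.h; row++)
        memset(buf + (size_t)(c.y + row) * sw + c.x, v, c.w);
    return c.w ? c.h : 0;
}

int main(void)
{
    /* Constructed input: 100x100 screen, full-size frame at Y-offset 50. */
    static uint8_t screen[100 * 100];
    struct gif_rect f = { 0, 50, 100, 100 };
    printf("size_only=%d fits=%d rows=%u\n", size_only_ok(100, 100, f),
           frame_fits(100, 100, f), draw_frame(screen, 100, 100, f, 1));
    return 0;
}
```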
Comment 1 Peter Kasting 2007-11-08 16:00:00 PST
Created attachment 17133
patch v1

Easy fix.
Comment 2 Mark Rowe (bdash) 2007-11-08 17:58:03 PST
Comment on attachment 17133
patch v1

r=me
Comment 3 Mark Rowe (bdash) 2007-11-09 04:54:16 PST
Landed in r27642.