wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 974825 - Fix hang in libpng16 with zero-length IDAT. r=jmuizelaar

Browse Source
This commit is contained in:
Glenn Randers-Pehrson 2014-03-03 17:27:25 -05:00
parent 0b003a2507
commit 712b9bfe7d
3 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
media/libpng/crashtests/974825-1.html Normal file
View File

@ -0,0 +1,7 @@
<html><head><title>crash test for bug #974825</title></head>
<body>
<img alt="Crash Test bug#974825" title="Crash Test bug#974825"
src="data:image/png;base64,
iVBORw0KGgoAAAANSUhEUgAAAEAAAAAgCAYAAACinX6EAAAAAElEQVRKVU5LdGhlIGp1TmtKVU5LCg==">
</body>
</html>

1
media/libpng/crashtests/crashtests.list
View File

@ -1,2 +1,3 @@
load 374810-1.html
load 945912-1.html
load 974825-1.html

2
media/libpng/pngpread.c
View File

@ -235,6 +235,7 @@ png_push_read_chunk(png_structrp png_ptr, png_inforp info_ptr)
png_push_crc_skip(png_ptr, png_ptr->push_length);
png_ptr->mode &= ~PNG_HAVE_CHUNK_HEADER;
png_ptr->process_mode = PNG_READ_IDAT_MODE;
return;
}
else if (chunk_name == png_fdAT)
@ -337,6 +338,7 @@ png_push_read_chunk(png_structrp png_ptr, png_inforp info_ptr)
png_error(png_ptr, "Missing PLTE before IDAT");
png_ptr->mode |= PNG_HAVE_IDAT;
png_ptr->process_mode = PNG_READ_IDAT_MODE;
if (!(png_ptr->mode & PNG_HAVE_CHUNK_AFTER_IDAT))
if (png_ptr->push_length == 0)