Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 7837212f52f33db3d22f69704ed7654aedd313e8
https://github.com/WebKit/WebKit/commit/7837212f52f33db3d22f69704ed7654aedd313e8
Author: Adrian Perez de Castro <[email protected]>
Date: 2025-11-22 (Sat, 22 Nov 2025)
Changed paths:
M Source/WebCore/platform/image-decoders/png/PNGImageDecoder.cpp
M Source/WebCore/platform/image-decoders/png/PNGImageDecoder.h
Log Message:
-----------
Limit the amount of data that PNGImageDecoder may decode
https://bugs.webkit.org/show_bug.cgi?id=302941
Reviewed by Patrick Griffis.
Keep a running count of the amount of pixels decoded, update it on every
frame decoded for an image, and bail out if it would grow large enough
to potentially cause memory exhaustion. While at it, limit the maximum
amount of frames that an APNG file may have, and define it to be large
enough to cover ~70 minutes of animation at 60fps.
* Source/WebCore/platform/image-decoders/png/PNGImageDecoder.cpp:
(WebCore::PNGImageDecoder::headerAvailable):
(WebCore::PNGImageDecoder::readChunks):
* Source/WebCore/platform/image-decoders/png/PNGImageDecoder.h:
Canonical link: https://commits.webkit.org/303448@main
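The running pixel count and frame cap described in the log message, sketched as an added example; this is not code from the WebKit commit. `DecodeBudget`, `decodeAll`, and both limit values are hypothetical names and numbers chosen for illustration, since the page does not show the commit's actual constants.

```cpp
#include <cstdint>
#include <utility>
#include <vector>

// Hypothetical limits (assumptions): the commit's real constants are not on this page.
// 70 minutes at 60 fps is 70 * 60 * 60 = 252000 frames.
constexpr uint64_t kMaxDecodedPixels = 1ull << 30;
constexpr uint32_t kMaxFrames = 70u * 60u * 60u;

enum class BudgetResult { Ok, TooManyFrames, TooManyPixels };

class DecodeBudget {
public:
    // Call once per frame, before allocating or decoding its pixel buffer.
    BudgetResult accountFrame(uint32_t width, uint32_t height)
    {
        if (m_frames >= kMaxFrames)
            return BudgetResult::TooManyFrames;
        // Widen before multiplying: 65536 * 65536 wraps to 0 in 32 bits.
        uint64_t pixels = static_cast<uint64_t>(width) * height;
        // Compare against the remaining budget so the running sum cannot wrap.
        if (pixels > kMaxDecodedPixels - m_pixels)
            return BudgetResult::TooManyPixels;
        m_pixels += pixels;
        ++m_frames;
        return BudgetResult::Ok;
    }
    uint64_t pixelsDecoded() const { return m_pixels; }
    uint32_t framesDecoded() const { return m_frames; }
private:
    uint64_t m_pixels { 0 };
    uint32_t m_frames { 0 };
};

// Feeds constructed frame sizes through the budget and stops at the first rejection.
BudgetResult decodeAll(const std::vector<std::pair<uint32_t, uint32_t>>& frames, DecodeBudget& budget)
{
    for (const auto& frame : frames) {
        BudgetResult result = budget.accountFrame(frame.first, frame.second);
        if (result != BudgetResult::Ok)
            return result;
    }
    return BudgetResult::Ok;
}
```

A rejected frame leaves both counters unchanged, so the caller can fail the image without the budget drifting past its limit.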