Bug 219000

Summary: Fix possible integer overflow in ImageSource::canUseAsyncDecoding()
Product: WebKit
Reporter: Said Abou-Hallawa <sabouhallawa>
Component: Images
Assignee: Said Abou-Hallawa <sabouhallawa>
Status: NEW
Severity: Normal
CC: webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Attachments:
Description Flags
Patch sabouhallawa: review?

Description Said Abou-Hallawa 2020-11-16 12:31:53 PST
If the image is malformed such that its area multiplied by 4 is greater than INT_MAX, an overflow will happen in ImageSource::canUseAsyncDecoding().
Comment 1 Said Abou-Hallawa 2020-11-16 12:40:04 PST
<rdar://problem/71369763>
Comment 2 Said Abou-Hallawa 2020-11-16 12:41:28 PST
Created attachment 414272
Patch
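
The overflow described in the report, shown as an added example that is not part of the original bug or the WebKit patch: the function names, the 500 KB threshold and the sample dimensions are assumptions made for illustration. It contrasts the 32-bit product of area times 4 with a check that rejects sizes that do not fit in an int.

```cpp
#include <climits>
#include <cstdint>
#include <cstdio>

// Unchecked form: width * height * 4 in 32 bits. Computed with unsigned
// arithmetic so the wraparound is well defined, then viewed as a signed int.
int32_t wrappedBytes(int width, int height)
{
    uint32_t product = static_cast<uint32_t>(width) * static_cast<uint32_t>(height) * 4u;
    return static_cast<int32_t>(product);
}

// Checked form (hypothetical helper): stores the byte count and returns true
// only when width * height * 4 fits in an int. Dividing INT_MAX instead of
// multiplying the inputs keeps the check itself from overflowing.
bool decodedBytesChecked(int width, int height, int& bytes)
{
    if (width < 0 || height < 0)
        return false;
    if (height != 0 && width > (INT_MAX / 4) / height)
        return false;
    bytes = width * height * 4;
    return true;
}

// Size test against a threshold (hypothetical). Negative dimensions are
// rejected as invalid; a product that does not fit in an int is larger than
// INT_MAX, so it is also at least minBytes.
bool decodedSizeAtLeast(int width, int height, int minBytes)
{
    if (width < 0 || height < 0)
        return false;
    int bytes = 0;
    if (!decodedBytesChecked(width, height, bytes))
        return true;
    return bytes >= minBytes;
}

int main()
{
    // Constructed dimensions, as a malformed image header might declare them.
    const int dims[][2] = { { 100, 100 }, { 30000, 30000 }, { 32768, 32768 } };
    for (const auto& d : dims) {
        std::printf("%dx%d unchecked=%d atLeast500KB=%d\n", d[0], d[1],
            wrappedBytes(d[0], d[1]), decodedSizeAtLeast(d[0], d[1], 500 * 1024));
    }
    return 0;
}
```

With the unchecked product, a 32768x32768 image appears to need 0 bytes and a 30000x30000 image a negative number of bytes, so any size comparison made on that value gives the wrong answer.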