219000 – Fix possible integer overflow in ImageSource::canUseAsyncDecoding()

Bug 219000 - Fix possible integer overflow in ImageSource::canUseAsyncDecoding()

Summary: Fix possible integer overflow in ImageSource::canUseAsyncDecoding()

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Images (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Said Abou-Hallawa

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2020-11-16 12:31 PST by Said Abou-Hallawa
Modified:	2020-11-16 12:41 PST (History)
CC List:	1 user (show)

See Also:

Attachments
Patch (1.67 KB, patch) 2020-11-16 12:41 PST, Said Abou-Hallawa	sabouhallawa: review?	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Said Abou-Hallawa 2020-11-16 12:31:53 PST

If the image is malformed such that its area multiplied by 4 is greater than the INT_MAX, an overflow will happen in ImageSource::canUseAsyncDecoding().

Comment 1 Said Abou-Hallawa 2020-11-16 12:40:04 PST

<rdar://problem/71369763>

Comment 2 Said Abou-Hallawa 2020-11-16 12:41:28 PST

Created attachment 414272 [details]
Patch