Bug 219000 - Fix possible integer overflow in ImageSource::canUseAsyncDecoding()
Summary: Fix possible integer overflow in ImageSource::canUseAsyncDecoding()
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: Images
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Said Abou-Hallawa
Keywords: InRadar
Reported: 2020-11-16 12:31 PST by Said Abou-Hallawa
Modified: 2020-11-16 12:41 PST

Attachments
Patch (1.67 KB, patch)
2020-11-16 12:41 PST, Said Abou-Hallawa
sabouhallawa: review?
Description Said Abou-Hallawa 2020-11-16 12:31:53 PST
If the image is malformed such that its area multiplied by 4 is greater than INT_MAX, an overflow will happen in ImageSource::canUseAsyncDecoding().
Comment 1 Said Abou-Hallawa 2020-11-16 12:40:04 PST
<rdar://problem/71369763>
Comment 2 Said Abou-Hallawa 2020-11-16 12:41:28 PST
Created attachment 414272 [details]
Patch
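
An added illustration of the overflow described in this report, not code from WebKit or from the attached patch: the function names, the 100 KB threshold and the sample dimensions are assumptions constructed for the example. It shows area × 4 wrapping in 32-bit arithmetic for a 32768 × 32768 image, next to a size check widened to 64 bits.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Hypothetical helpers; the 4 is the multiplier named in the report.
static const uint32_t bytesPerPixel = 4;

// The value a 32-bit computation ends up with. Done in uint32_t so the
// wraparound is well defined here; with signed int the overflow is
// undefined behaviour.
uint32_t wrappedDecodedBytes(int32_t width, int32_t height)
{
    return static_cast<uint32_t>(width) * static_cast<uint32_t>(height) * bytesPerPixel;
}

// Checked form: reject non-positive dimensions, widen to 64 bits, and fail
// if the byte count exceeds INT_MAX. `out` is untouched on failure.
bool checkedDecodedBytes(int32_t width, int32_t height, int32_t& out)
{
    if (width <= 0 || height <= 0)
        return false;
    // Both factors are at most 2^31 - 1, so the product times 4 fits in 64 bits.
    uint64_t bytes = static_cast<uint64_t>(width) * static_cast<uint64_t>(height) * bytesPerPixel;
    if (bytes > static_cast<uint64_t>(std::numeric_limits<int32_t>::max()))
        return false;
    out = static_cast<int32_t>(bytes);
    return true;
}

// A size gate written both ways. With wrapped arithmetic a huge malformed
// image can compare as tiny; the widened comparison cannot wrap.
bool isLargeNaive(int32_t w, int32_t h, uint32_t threshold)
{
    return wrappedDecodedBytes(w, h) >= threshold;
}

bool isLargeWidened(int32_t w, int32_t h, uint32_t threshold)
{
    if (w <= 0 || h <= 0)
        return false;
    return static_cast<uint64_t>(w) * static_cast<uint64_t>(h) * bytesPerPixel >= threshold;
}

int main()
{
    const uint32_t threshold = 100 * 1024; // constructed sample threshold
    std::printf("wrapped bytes: %u\n", wrappedDecodedBytes(32768, 32768));
    std::printf("naive large: %d, widened large: %d\n",
        isLargeNaive(32768, 32768, threshold), isLargeWidened(32768, 32768, threshold));
    return 0;
}
```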