Apply CVE-2023-4863 patch 68/300168/2 accepted/tizen_7.0_base tizen_7.0_base accepted/tizen/7.0/base/20240521.055633
author jiyong.min <jiyong.min@samsung.com>
Wed, 18 Oct 2023 00:21:58 +0000 (09:21 +0900)
committer Jiyong <jiyong.min@samsung.com>
Thu, 16 May 2024 23:33:19 +0000 (08:33 +0900)
commit a0335d593e5a1ccc81e6daac0dad7640bc7f02c8
tree 9ff0318c7c76fee062c31ae267ce76440e81ceb3
parent 310333883ea36f0f22a809bccc41d2d0c3cccf97
Apply CVE-2023-4863 patch

 - Duplicate of CVE-2023-5129

Fix OOB write in BuildHuffmanTable.
First, BuildHuffmanTable is called to check if the data is valid.
If it is and the table is not big enough, more memory is allocated.

This will make sure that valid (but unoptimized because of unbalanced
codes) streams are still decodable.

Bug: chromium:1479274
Change-Id: Idd09cecb53a0bef413c4f8f0ec4284faf4f4a042
(cherry picked from commit bc3da941348bad7165fb159486aff465b5725384)
packaging/libwebp.spec
src/dec/vp8l_dec.c
src/dec/vp8li_dec.h
src/utils/huffman_utils.c
src/utils/huffman_utils.h
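
The order the commit message describes (validate and size the table first, grow the buffer if it is too small, only then fill it), as an added sketch that is not libwebp's code and not part of this commit. The names `table_slots_needed`, `reserve_table` and `MAX_LEN`, the `uint32_t` slot type and the rule that only complete prefix codes are accepted are assumptions made for the example.

```c
#include <stdint.h>
#include <stdlib.h>
#define MAX_LEN 15 /* longest code length this sketch accepts (assumed) */
/* Sizing pass: slots a two-level lookup table (root_bits-wide first level)
 * needs, or 0 if the lengths are not a complete prefix code. Writes nothing. */
size_t table_slots_needed(const uint8_t *lens, size_t n, int root_bits) {
    long count[MAX_LEN + 1] = {0};
    long open = 1; /* code values still unassigned at the current length */
    if (root_bits < 1 || root_bits > MAX_LEN) return 0;
    for (size_t i = 0; i < n; i++) {
        if (lens[i] > MAX_LEN) return 0;
        count[lens[i]]++;
    }
    for (int len = 1; len <= MAX_LEN; len++) {
        open = open * 2 - count[len];
        if (open < 0) return 0; /* over-subscribed lengths */
    }
    if (open != 0) return 0; /* incomplete code */
    size_t total = (size_t)1 << root_bits;
    long space = 0; /* codes of this length that still fit the open sub-table */
    for (int len = root_bits + 1; len <= MAX_LEN; len++) {
        space *= 2;
        for (; count[len] > 0; count[len]--, space--) {
            if (space > 0) continue;
            int deepest = len; /* new sub-table: find its longest code */
            long left = 1L << (len - root_bits);
            while (deepest < MAX_LEN && (left -= count[deepest]) > 0) { deepest++; left *= 2; }
            total += (size_t)1 << (deepest - root_bits);
            space = 1L << (len - root_bits);
        }
    }
    return total;
}
/* Grow before fill: returns the slots needed (0 = reject the stream, or out
 * of memory) after enlarging *table and *cap when the buffer is too small. */
size_t reserve_table(uint32_t **table, size_t *cap, const uint8_t *lens,
                     size_t n, int root_bits) {
    size_t need = table_slots_needed(lens, n, root_bits);
    if (need == 0) return 0;
    if (need > *cap) {
        uint32_t *p = realloc(*table, need * sizeof **table);
        if (p == NULL) return 0;
        *table = p;
        *cap = need;
    }
    return need; /* a fill pass may now write exactly `need` slots */
}
```

With an 2-bit root, the balanced lengths {2,2,2,2} need 4 slots while the unbalanced but valid lengths {1,2,3,4,5,6,6} need 20, which is the case where a buffer sized for typical codes has to grow before anything is written.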