John Bowler 2d62f7406f [libpng16] Fixed the recently reported 1's complement security issue by ...

replacing the value that is illegal in the PNG spec, in both signed and
unsigned values, with 0. Illegal unsigned values (anything greater than or equal
to  0x80000000) can still pass through, but since these are not illegal
in ANSI-C (unlike 0x80000000 in the signed case) the checking that
occurs later can catch them (John Bowler).

2015-08-19 12:56:48 -05:00

138 KiB

Raw Blame History

View Raw