mirror of
https://git.code.sf.net/p/libpng/code.git
synced 2025-07-10 18:04:09 +02:00

When an input file contains a zero length IDAT and pngfix is not applying the IDAT rechunking (--max) option pngfix will go into a loop writing the zero length IDAT for ever.

This is a fairly minor issue for interactive use; zero length IDAT is very rare, the problem is obvious (pngfix hangs) and the fix (use --max, or --max=4096 etc), while not obvious, is easy.

For non-interactive use, e.g. trying to automatically repair a PNG that cannot be read by libpng, there are security consequences:

1) pngfix hangs. This may permit a DoS attack.

2) When the --out option is used pngfix will just keep writing. This is a very likely DoS scenario.

Signed-off-by: John Bowler <jbowler@acm.org>
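For the non-interactive case the commit message describes, a pipeline can screen each file for zero length IDAT chunks before handing it to pngfix. The following is an added example, not code from the commit or from libpng; the function names and the sample images are constructed for illustration.

```python
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"

def iter_chunks(data):
    """Yield (type, length, offset) per chunk; raise ValueError on a malformed layout."""
    if not data.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG: bad signature")
    pos = len(PNG_SIGNATURE)
    while pos < len(data):
        if pos + 8 > len(data):
            raise ValueError(f"truncated chunk header at offset {pos}")
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length  # 4 length + 4 type + data + 4 CRC
        if end > len(data):
            raise ValueError(f"chunk {ctype!r} at offset {pos} overruns the file")
        yield ctype, length, pos
        if ctype == b"IEND":
            return
        pos = end

def zero_length_idat_offsets(data):
    """Return the file offsets of every IDAT chunk whose data length is 0."""
    return [off for ctype, length, off in iter_chunks(data)
            if ctype == b"IDAT" and length == 0]

def needs_rechunking(data):
    """True when pngfix should only be run with its IDAT rechunking (--max) option."""
    return bool(zero_length_idat_offsets(data))

def _chunk(ctype, payload=b""):
    # Helper for the constructed samples: length, type, data, CRC over type+data.
    crc = zlib.crc32(ctype + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)

# Constructed sample input: a 1x1 8-bit grayscale image, with and without an empty IDAT.
_IHDR = _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
_PIXELS = _chunk(b"IDAT", zlib.compress(b"\x00\x00"))
SAMPLE_CLEAN = PNG_SIGNATURE + _IHDR + _PIXELS + _chunk(b"IEND")
SAMPLE_EMPTY_IDAT = PNG_SIGNATURE + _IHDR + _chunk(b"IDAT") + _PIXELS + _chunk(b"IEND")

if __name__ == "__main__":
    for name, blob in (("clean", SAMPLE_CLEAN), ("empty-idat", SAMPLE_EMPTY_IDAT)):
        print(name, zero_length_idat_offsets(blob), needs_rechunking(blob))
```

The scan raises ValueError on files it cannot walk, so an automated caller should still bound pngfix with a timeout and an output size limit rather than rely on the pre-check alone.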
This "contrib" directory contains contributions which are not necessarily under the libpng license, although all are open source. They are not part of libpng proper and are not used for building the library, although some are used for testing the library via "make check".