We use cookies to ensure you get the best experience on our website
首頁 探索 說明
註冊 登入
0ct0pu5
/
ladybird
1
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
瀏覽代碼

AK: Reject BitStream reads beyond EOF by default

The only exception to this is the lossless WebP decoder, which
legitimately relies on this behavior, even upstream.
Tim Schumacher 1 年之前
父節點
cb03d3d78f
當前提交
197331c922
共有 2 個文件被更改,包括 3 次插入3 次删除
分割檢視 顯示文件統計
  1. 1 1
      AK/BitStream.h
  2. 2 2
      Userland/Libraries/LibGfx/ImageFormats/WebPLoaderLossless.cpp

+ 1 - 1
AK/BitStream.h
查看文件 

@@ -156,7 +156,7 @@ public:
 
         FillWithZero,
 
     };
 
 
-    explicit LittleEndianInputBitStream(MaybeOwned<Stream> stream, UnsatisfiableReadBehavior unsatisfiable_read_behavior = UnsatisfiableReadBehavior::FillWithZero)
 
+    explicit LittleEndianInputBitStream(MaybeOwned<Stream> stream, UnsatisfiableReadBehavior unsatisfiable_read_behavior = UnsatisfiableReadBehavior::Reject)
 
         : LittleEndianBitStream(move(stream))
 
         , m_unsatisfiable_read_behavior(unsatisfiable_read_behavior)
 
     {

+ 2 - 2
Userland/Libraries/LibGfx/ImageFormats/WebPLoaderLossless.cpp
查看文件 

@@ -26,7 +26,7 @@ ErrorOr<VP8LHeader> decode_webp_chunk_VP8L_header(ReadonlyBytes vp8l_data)
 
         return Error::from_string_literal("WebPImageDecoderPlugin: VP8L chunk too small");
 
 
     FixedMemoryStream memory_stream { vp8l_data.trim(5) };
 
-    LittleEndianInputBitStream bit_stream { MaybeOwned<Stream>(memory_stream) };
 
+    LittleEndianInputBitStream bit_stream { MaybeOwned<Stream>(memory_stream), LittleEndianInputBitStream::UnsatisfiableReadBehavior::FillWithZero };
 
 
     u8 signature = TRY(bit_stream.read_bits(8));
 
     if (signature != 0x2f)
 
@@ -931,7 +931,7 @@ ErrorOr<NonnullRefPtr<Bitmap>> ColorIndexingTransform::transform(NonnullRefPtr<B
 
 ErrorOr<NonnullRefPtr<Bitmap>> decode_webp_chunk_VP8L_contents(VP8LHeader const& vp8l_header)
 
 {
 
     FixedMemoryStream memory_stream { vp8l_header.lossless_data };
 
-    LittleEndianInputBitStream bit_stream { MaybeOwned<Stream>(memory_stream) };
 
+    LittleEndianInputBitStream bit_stream { MaybeOwned<Stream>(memory_stream), LittleEndianInputBitStream::UnsatisfiableReadBehavior::FillWithZero };
 
 
     // image-stream = optional-transform spatially-coded-image

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5