-
- Downloads
Bug 1823614. Limit the number of scans we allow in jpeg images to some finite...
Bug 1823614. Limit the number of scans we allow in jpeg images to some finite value. r=gfx-reviewers,bradwerth We want to provide some finite limit to prevent small jpeg files from being able to tie up cpus for a much larger time than their small size would normally allow. We want to choose a number high enough so that no sane jpeg file would approach it, unless it had been crafted to take advantage of this problem. Skia's jpeg decoder limit's it to 100: https://searchfox.org/mozilla-central/rev/f078cd02746b29652c134b144f0629d47e378166/gfx/skia/skia/src/codec/SkJpegDecoderMgr.cpp#33 The OSS_Fuzz targets for libjpeg-turbo limit it to 500: https://bugzilla.mozilla.org/show_bug.cgi?id=1252196#c11 Differential Revision: https://phabricator.services.mozilla.com/D173120
Showing
- image/decoders/nsJPEGDecoder.cpp 16 additions, 0 deletionsimage/decoders/nsJPEGDecoder.cpp
- image/decoders/nsJPEGDecoder.h 1 addition, 0 deletionsimage/decoders/nsJPEGDecoder.h
- image/test/reftest/jpeg/jpg-progressive-1000-ref.html 1 addition, 0 deletionsimage/test/reftest/jpeg/jpg-progressive-1000-ref.html
- image/test/reftest/jpeg/jpg-progressive-1000.html 1 addition, 0 deletionsimage/test/reftest/jpeg/jpg-progressive-1000.html
- image/test/reftest/jpeg/jpg-progressive-1000.jpg 0 additions, 0 deletionsimage/test/reftest/jpeg/jpg-progressive-1000.jpg
- image/test/reftest/jpeg/reftest.list 3 additions, 0 deletionsimage/test/reftest/jpeg/reftest.list
Loading
Please register or sign in to comment