[Png-mng-security] Vulnerability in libpng sPLT chunk handling
Glenn Randers-Pehrson
glennrp at comcast.net
Sat Nov 11 04:13:47 UTC 2006
At 10:44 PM 11/10/2006 -0500, Glenn Randers-Pehrson wrote:
>
>A certain PNG file with a large malformed sPLT chunk has been
>demonstrated to crash libpng.
A copy of the PNG file is at
http://www.simplesystems.org/users/glennrp/hidden/crashers/
The directory contains the PNG file itself (865 kb) bad_sPLT.png
and a gzipped tarball (1.6 kb) for easy downloading. bad_sPLT.png.tar.gz
Glenn
More information about the png-mng-security-archive
mailing list