[Png-mng-security] Vulnerability in libpng sPLT chunk handling

Glenn Randers-Pehrson glennrp at comcast.net
Sat Nov 11 04:13:47 UTC 2006


At 10:44 PM 11/10/2006 -0500, Glenn Randers-Pehrson wrote:
>
>A certain PNG file with a large malformed sPLT chunk has been
>demonstrated to crash libpng.

A copy of the PNG file is at
http://www.simplesystems.org/users/glennrp/hidden/crashers/

The directory contains the PNG file itself (865 kb)  bad_sPLT.png
and a gzipped tarball (1.6 kb) for easy downloading. bad_sPLT.png.tar.gz

Glenn



More information about the png-mng-security-archive mailing list