[Png-mng-security] patch for zero-length unknown chunk bug
Glenn Randers-Pehrson
glennrp at comcast.net
Sun Apr 6 03:15:46 UTC 2008
After applying the patch to libpng-1.2.26, pngtest runs successfully. It does not copy the problematic cmOD chunk because it is not copy-safe. I have not tested with a zero-length copy-safe chunk, and I have not tested the progressive reader.
Firefox seems to be immune to this problem, although I have not tested it while using the "system" libpng instead of the embedded one, which has the buggy unknown_chunk code #ifdef'ed out.
Glenn
More information about the png-mng-security-archive
mailing list