[Png-mng-security] Potential denial of service attack in lcms-1.17

glennrp at comcast.net glennrp at comcast.net
Tue Nov 25 05:01:36 UTC 2008


 -------------- Original message ----------------------
From: "John Bowler" <jbowler at acm.org>
> By code examination if lcms-1.17 is passed an otherwise valid set of
> chromaticities with the white point 'y' value of 0 it will generate NaN and
> inf values internally.  On some systems where floating point exceptions are
> enabled this might cause a crash.

Just-released libpng-1.4.0beta40 rejects cHRM input with white_y <= 0.
Are you sure we should not also test white_x?

Glenn



More information about the png-mng-security-archive mailing list