[Png-mng-security] libpng: memory overwrite (png_check_keyword()) [SuSE]

Greg Roelofs newt at pobox.com
Tue Feb 10 19:08:09 UTC 2009


> I suppose it's this one:

> version 1.2.34beta05 [December 5, 2008]
>   Removed redundant check for key==NULL before calling png_check_keyword()
>     to ensure that new_key gets initialized and removed extra warning
>     (Arvan Pritchard).

No, it's internal to png_check_keyword().  In any case, it's fixed in the
current 1.2 beta:

      (*new_key)[79] = '\0';

(It was reported in 1.0.41.)

Greg
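An added example, not part of the original message and not libpng's code: it shows why the dereference in the fix line above matters when the keyword buffer is reached through a `char **` out-parameter. The names `check_keyword` and `KEYWORD_MAX` and the 120-character input are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define KEYWORD_MAX 79  /* PNG keywords are 1-79 characters */

/* Hypothetical stand-in for a keyword checker with a char ** out-parameter
 * (not libpng's code). Returns the stored keyword length, 0 on failure. */
size_t check_keyword(const char *key, char **new_key)
{
    size_t key_len;

    *new_key = NULL;                /* out-parameter is always initialised */
    if (key == NULL || (key_len = strlen(key)) == 0)
        return 0;
    *new_key = malloc(key_len + 1);
    if (*new_key == NULL)
        return 0;
    memcpy(*new_key, key, key_len + 1);

    if (key_len > KEYWORD_MAX) {
        /* Wrong: new_key[79] = '\0';
         * new_key is a char **, so new_key[79] is a char * slot 79 pointers
         * past the caller's variable. '\0' is a null pointer constant, so
         * this compiles and zeroes that slot; the keyword is not shortened. */
        (*new_key)[KEYWORD_MAX] = '\0';  /* right: dereference, then index */
        key_len = KEYWORD_MAX;
    }
    return key_len;
}

int main(void)
{
    char long_key[121];             /* constructed input: 120 'A' characters */
    char *out = NULL;
    size_t n;

    memset(long_key, 'A', sizeof long_key - 1);
    long_key[sizeof long_key - 1] = '\0';
    n = check_keyword(long_key, &out);
    printf("returned %zu, strlen %zu\n", n, out ? strlen(out) : 0);
    free(out);
    return 0;
}
```

Because the un-dereferenced form compiles without a type error, this class of bug is best caught by review of every index applied to a pointer-to-pointer parameter and by running the truncation path under a memory-error detector.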


