Open Bug 872626 Opened 12 years ago Updated 2 years ago

Bad fcTL CRC in APNG files ignored (regression)

Categories

(Core :: Graphics: ImageLib, defect)

Product:
Core
Component:
Graphics: ImageLib
Type:
defect

Tracking

()

People

(Reporter: glennrp+bmo, Unassigned)

References

Details

Attachments

(2 files, 7 obsolete files)

v06-872626-part01-apng-bad-crc-nsPNGDecoder
1.52 KB, patch
Details | Diff | Splinter Review
v00-872626-part02-apng-bad-crc-crashtests
1.50 KB, patch
Details | Diff | Splinter Review
The checkin of bug #857040 forced a regression of bug #397593. We should re-implement the patch in a way that only affects APNG datastreams, to reject datastreams that have fcTL or fdAt chunks with bad CRC as prior to the recent checkin.
Depends on: 857040, 397593
Blocks: 857040
No longer depends on: 397593, 857040
Attached patch v01-872626-apng-bad-crc (obsolete) — Splinter Review
Rebased after recent changes to nsPNGDecoder.cpp
Attachment #749949 - Attachment is obsolete: true
Attached patch v02-872626-apng-bad-crc (obsolete) — Splinter Review
Relocate the png_set_crc_action(), use C++ style comment. Please submit to try.
Attachment #8776371 - Attachment is obsolete: true
Flags: needinfo?(ryanvm)
Can we land a test for this too? https://treeherder.mozilla.org/#/jobs?repo=try&revision=c6ec73db6e23
Flags: needinfo?(ryanvm) → in-testsuite?
Comment on attachment 8776373 [details] [diff] [review] v02-872626-apng-bad-crc Try run was green. I'll provide a test case later.
Attachment #8776373 - Flags: review?(jmuizelaar)
Attached patch v02-872626-apng-bad-crc (obsolete) — Splinter Review
Rebased and fixed indentation
Attachment #8776373 - Attachment is obsolete: true
Attachment #8776373 - Flags: review?(jmuizelaar)
Attachment #8777570 - Flags: review?(jmuizelaar)
Attached patch v03-872625-apng-bad-crc (obsolete) — Splinter Review
Rebased and fixed indentation
Attachment #8777570 - Attachment is obsolete: true
Attachment #8777570 - Flags: review?(jmuizelaar)
Attachment #8777571 - Flags: review?(jmuizelaar)
Comment on attachment 8777571 [details] [diff] [review] v03-872625-apng-bad-crc Review of attachment 8777571 [details] [diff] [review]: ----------------------------------------------------------------- Is it possible for us to get a test for this?
Attachment #8777571 - Flags: review?(jmuizelaar) → review+
Group: core-security
Flags: needinfo?(abillings)
Flags: needinfo?(abillings)
Rebased after landing bug #1240665
See Also: → 1288588
Keywords: sec-high
Attachment #8777571 - Attachment is obsolete: true
Rebased.
Attachment #8777851 - Attachment is obsolete: true
Attachment #8778663 - Attachment is obsolete: true
Keywords: sec-high
See Also: 1288588
Group: core-security
to do: add test case
Flags: needinfo?(glennrp+bmo)
Flags: needinfo?(glennrp+bmo)

The bug assignee didn't login in Bugzilla in the last 7 months, so the assignee is being reset.

Assignee: glennrp+bmo → nobody
Status: ASSIGNED → NEW
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: