| शीर्षक | dloebl CGIF v0.4.0 to v0.5.2 Integer Overflow |
|---|
| विवरण | CGIF is a fast and lightweight GIF encoder that can create GIF animations and images.
This code is vulnerable to CWE-190: Integer Overflow due to improper type handling in the pixel count calculation within the cgif_addframe function at line 521 of src/cgif.c. The function calculates the total number of pixels using direct multiplication (width * height) when comparing adjacent frames. When processing an oversized GIF, the multiplication of operands of type uint16_t is implicitly promoted to a signed int type and overflows, resulting in a negative value. This negative value acts as a loop condition, causing the frame comparison loop to not execute at all. As a result, frames with completely different content are incorrectly judged to be identical and discarded through optimization, potentially leading to missing frames or data corruption in the generated GIF animation. |
|---|
| स्रोत | ⚠️ https://github.com/dloebl/cgif/issues/110 |
|---|
| उपयोगकर्ता | zzxzzb (UID 95450) |
|---|
| सबमिशन | 12/03/2026 03:21 AM (4 महीनों पहले) |
|---|
| संयम | 27/03/2026 01:47 PM (15 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 353874 [dloebl CGIF तक 0.5.2 GIF Image src/cgif.c cgif_addframe width/height बफ़र ओवरफ़्लो] |
|---|
| अंक | 20 |
|---|