coobird / thumbnailator

Thumbnailator - a thumbnail generation library for Java
MIT License

Protection against denial-of-service from malicious or highly-compressed images #195

Closed coobird closed 2 years ago

coobird commented 2 years ago

Highly-compressed images in the form of large PNGs or malicious PNG decompression bombs could lead to OutOfMemoryErrors.

While I haven't researched whether decompression bombs can actually happen with the default PNG reader bundled with Java, if such things can happen, then a countermeasure against them would be nice to incorporate in Thumbnailator.

References:

coobird commented 2 years ago

Duplicate of #105.
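The first comment asks for a countermeasure against PNGs whose decoded size is far larger than their file size. The following is an added example (not Thumbnailator's code, and not from the issue author) of the usual defence in plain `javax.imageio`: read only the image header to learn the declared dimensions, reject the image if its pixel count exceeds a configured budget, and only then decode the raster. The class name `BoundedImageReader` and the 50-megapixel budget are assumptions for illustration; the limit should be sized to the memory the deployment can afford, since the default PNG reader allocates a full `BufferedImage` for the declared width and height regardless of how small the compressed input is.

```java
import javax.imageio.ImageIO;
import javax.imageio.ImageReader;
import javax.imageio.stream.ImageInputStream;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.InputStream;
import java.util.Iterator;

// Hypothetical helper: decodes an image only if its declared dimensions
// stay within a pixel budget, so a tiny file cannot force a huge allocation.
public final class BoundedImageReader {
    // Assumed budget: 50 megapixels, roughly 200 MB for a 4-byte-per-pixel raster.
    public static final long DEFAULT_MAX_PIXELS = 50_000_000L;

    private final long maxPixels;

    public BoundedImageReader(long maxPixels) {
        this.maxPixels = maxPixels;
    }

    public BufferedImage read(InputStream in) throws IOException {
        try (ImageInputStream iis = ImageIO.createImageInputStream(in)) {
            if (iis == null) {
                throw new IOException("could not open image input stream");
            }
            Iterator<ImageReader> readers = ImageIO.getImageReaders(iis);
            if (!readers.hasNext()) {
                throw new IOException("no ImageReader available for this input");
            }
            ImageReader reader = readers.next();
            try {
                // seekForwardOnly=true, ignoreMetadata=true: header-only probe first.
                reader.setInput(iis, true, true);
                // getWidth/getHeight parse the header (the PNG IHDR chunk),
                // not the compressed pixel data, so this is cheap and bounded.
                long width = reader.getWidth(0);
                long height = reader.getHeight(0);
                long pixels = width * height; // fits in a long; ints are promoted
                if (width <= 0 || height <= 0 || pixels > maxPixels) {
                    throw new IOException("refusing to decode " + width + "x" + height
                            + " image: " + pixels + " pixels exceeds budget of " + maxPixels);
                }
                // Only now is the full raster allocated and decoded.
                return reader.read(0);
            } finally {
                reader.dispose();
            }
        }
    }
}
```

Usage is `new BoundedImageReader(BoundedImageReader.DEFAULT_MAX_PIXELS).read(inputStream)` in place of `ImageIO.read(inputStream)`. The check is made before `reader.read(0)` because that call is where the memory is committed; checking `BufferedImage.getWidth()` after decoding would be too late. This bounds the decoded raster, which is the allocation that actually produces the `OutOfMemoryError`; it does not limit the size of the compressed input itself, which should be capped separately at the upload or download layer.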