As the cute_png.h library is used to load and parse PNG files, the returned image is not verified. This could cause the program's functionality to be disrupted.
An example I encountered was when the PNG headers stored excessive values for the image's height and width (despite the fact that the pixels are not stored in the data section of the format). This causes the malloc from the function cp_to_rgb to return NULL and, as a result of the pointer dereferencing below, the program will generate a SIGSERV and stop working.
As the
cute_png.h
library is used to load and parse PNG files, the returned image is not verified. This could cause the program's functionality to be disrupted.An example I encountered was when the PNG headers stored excessive values for the image's height and width (despite the fact that the pixels are not stored in the data section of the format). This causes the
malloc
from the functioncp_to_rgb
to returnNULL
and, as a result of the pointer dereferencing below, the program will generate aSIGSERV
and stop working.