decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of comment,leading to denial of service

koral-- / android-gif-drawable

Views and Drawable for displaying animated GIFs on Android

Other

9.51k stars 1.78k forks source link

decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of comment,leading to denial of service #792

Closed tubeuchiha closed 2 years ago

tubeuchiha commented 2 years ago

What are the impact surfaces by comment length ?

koral-- commented 2 years ago

Look at the https://nvd.nist.gov/vuln/detail/CVE-2022-23435

koral-- commented 2 years ago

Parsing a GIF file in the native code of the android-gif-drawable library causes a timeout, resulting in the hosting application using CPU and becoming unresponsive.

Impact: An attacker can send a malicious GIF file to any application that uses the android-gif-drawable library, causing the app to become unresponsive until it is killed.