Open dns43 opened 3 years ago
In lodepng_deflatev(), getPixelColorsRGBA8() and lodepng_convert_rgb(), divide by zero can be triggered via bitdepth and input size. Please check if greater than 0 before usage.
LOC enumaration: https://sourcegraph.com/github.com/lvandeve/lodepng@master/-/blob/lodepng.cpp#L3271 https://sourcegraph.com/github.com/lvandeve/lodepng@master/-/blob/lodepng.cpp#L3355 https://sourcegraph.com/github.com/lvandeve/lodepng@master/-/blob/lodepng.cpp#L3443:17 https://sourcegraph.com/github.com/lvandeve/lodepng@master/-/blob/lodepng.cpp#L3610 https://sourcegraph.com/github.com/lvandeve/lodepng@7fdcc96a5e5864eee72911c3ca79b1d9f0d12292/-/blob/lodepng.cpp#L2093
Happy to provide PoC
In lodepng_deflatev(), getPixelColorsRGBA8() and lodepng_convert_rgb(), divide by zero can be triggered via bitdepth and input size. Please check if greater than 0 before usage.
LOC enumaration: https://sourcegraph.com/github.com/lvandeve/lodepng@master/-/blob/lodepng.cpp#L3271 https://sourcegraph.com/github.com/lvandeve/lodepng@master/-/blob/lodepng.cpp#L3355 https://sourcegraph.com/github.com/lvandeve/lodepng@master/-/blob/lodepng.cpp#L3443:17 https://sourcegraph.com/github.com/lvandeve/lodepng@master/-/blob/lodepng.cpp#L3610 https://sourcegraph.com/github.com/lvandeve/lodepng@7fdcc96a5e5864eee72911c3ca79b1d9f0d12292/-/blob/lodepng.cpp#L2093
Happy to provide PoC