The VP8X chunk allows specifying ridiculously large canvas dimensions up to 2^24 x 2^24, which end up being used for ALPH chunk bitstreams. This can be a DoS vector. It's unclear whether there's a valid WebP with such large dimensions, as both the VP8 and VP8L bitstreams only allow dimensions up to 2^12 x 2^12. In other words, a larger ALPH would be rejected later anyway in parsing for mismatching dimensions with the VP8/VP8L appearing later.
The
VP8Xchunk allows specifying ridiculously large canvas dimensions up to 2^24 x 2^24, which end up being used forALPHchunk bitstreams. This can be a DoS vector. It's unclear whether there's a valid WebP with such large dimensions, as both theVP8andVP8Lbitstreams only allow dimensions up to 2^12 x 2^12. In other words, a largerALPHwould be rejected later anyway in parsing for mismatching dimensions with theVP8/VP8Lappearing later.