> At the same time, we implement image width and height limits in > x_create_x_image_and_pixmap, to deal with malicious images that > specify gigantic width and height sizes, even though the file size > isn't that big. > > Will that succeed in handling the problem case we got?
It will avoid allocating too much memory in Emacs. Whether libungif tries to allocate too much memory prior to this, depends on the internal implementation of libungif. Worst that could happen is that libungif believes the invalid width and height data, tries to malloc a big chunk of memory, malloc fails, and DGifSlurp() frees the memory and returns with an error, which we catch. I can't find any libungif function for controlling how much memory libungif uses. As for libpng, the png_set_user_limits() function was only added in version 1.0.16rc1, from 2004, so if we use that we'll lose compatibility with older versions. I don't think it's worth delaying the release for this. _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel