Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-22168

Crash bug (vulnerability) in bundled libpng 1.5.4

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • 4.8.0
    • 4.7.4
    • Image formats
    • None
    • e5098123c12880d922923d1117f7b82995c6b5a0

    Description

      Certain malformed PNGs cause a crash in libpng.

      The PNG Development Group explains that libpng 1.5.4 (only) introduced a divide-by-zero bug in png_handle_cHRM(), which could lead to crashes (denial of service), ref. http://www.libpng.org/pub/png/libpng.html

      This task was created as a result of comments to QTBUG-21408

      Attachments

        1. globe-scene-fish-bowl.png
          222 kB
          Eirik Aavitsland

        Issue Links

          resulted from

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-21408 Qt 4.7.4 - problem with libpng

          • P2: Important - Urgent, should be fixed, but will not stop the release.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              vgt Eirik Aavitsland
              vgt Eirik Aavitsland
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes