Isn’t there an issue with webp where it could potentially run arbitrary code?
I actually held a presentation on it, yeah! It wasn’t really a webp problem, but an issue in the image decoder library which was used in basically… everything to open Webp. What happened was that you could tell the OS to build a super bad Huffman Tree, which in turn led to the decoding not fitting in the allocated memory space and overflowing.
I see! Thank you for clearing that up.
Didn’t every imaging lib have similar issues? They are always supposed to be fast and get implemented in C and humans fail memory management. Neverending story…
“Can’t media format X run arbitrary code” is almost never an issue with the format itself and virtually always a bug with a particular decoder/player.
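The failure described in the reply about the Huffman tree, as an added example that is not part of the thread and not the affected decoder's code: a simplified single-table model in which the code lengths read from the file are validated before a fixed-size lookup table is filled, so a malformed tree is rejected instead of being written past the allocation. `MAX_LEN`, `TABLE_SIZE` and both function names are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_LEN 4                    /* longest code length accepted (assumed) */
#define TABLE_SIZE (1u << MAX_LEN)   /* slots the decoder allocates up front */

/* Slots a set of code lengths needs in a flat lookup table: a code of
 * length L occupies 2^(MAX_LEN-L) slots. Returns 0 on an invalid length. */
static size_t slots_needed(const uint8_t *lens, size_t n) {
    size_t total = 0;
    for (size_t i = 0; i < n; i++) {
        if (lens[i] == 0) continue;              /* symbol not used */
        if (lens[i] > MAX_LEN) return 0;
        total += (size_t)1 << (MAX_LEN - lens[i]);
    }
    return total;
}

/* Fill the table only if the lengths form a complete prefix code, i.e. they
 * need exactly TABLE_SIZE slots. Returns 0 on success, -1 on rejection. */
int build_table(const uint8_t *lens, size_t n, uint8_t table[TABLE_SIZE]) {
    if (n > 256 || slots_needed(lens, n) != TABLE_SIZE) return -1;
    size_t pos = 0;
    for (unsigned len = 1; len <= MAX_LEN; len++) {      /* canonical order */
        for (size_t sym = 0; sym < n; sym++) {
            if (lens[sym] != len) continue;
            size_t span = (size_t)1 << (MAX_LEN - len);
            if (span > TABLE_SIZE - pos) return -1;      /* defence in depth */
            for (size_t k = 0; k < span; k++) table[pos + k] = (uint8_t)sym;
            pos += span;
        }
    }
    return 0;
}

int main(void) {
    uint8_t table[TABLE_SIZE];
    const uint8_t good[] = {1, 2, 3, 3};   /* constructed: needs 16 slots */
    const uint8_t bad[]  = {1, 1, 1};      /* constructed: needs 24 slots */
    printf("good: %d\n", build_table(good, 4, table));
    printf("bad:  %d\n", build_table(bad, 3, table));
    return 0;
}
```

Without the `slots_needed` comparison, the constructed `bad` input would make the fill loop write 24 entries into a 16-entry table.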