mirror of https://github.com/SixLabors/ImageSharp
Tree:
70a49b1d9d
af/UniformUnmanagedMemoryPoolMemoryAllocator-02-MemoryGuards
af/allocator-fun-1
af/ci-test-3.1.x
af/conversion-experiments
af/decoder-tests
af/fast-dev-hack
af/image-destroyer-01
af/langversion
af/merge-core
af/mmf-poc
af/octree-no-pixelmap
af/pbm-eof-01
af/prototyping-baseline
af/qhack03
arm
defect/2696
dependabot/github_actions/actions/cache-6
dependabot/github_actions/actions/checkout-7
gh-pages
js/aligned-memory-experiments
js/color-alpha-handling
js/fix-2859
js/gif-lzw-encoder
js/sanitize-foreground-rectangle
main
proposal/Metadata-OriginalImageFormat
qoi
release/1.0.x
release/2.1.x
release/3.1.x
release/v3.0.x
sp/auto-matrix-linear-decomposition
sp/convolution-speedup-v2
sp/resize-map-optimizations
sp/target-image-decoding
sw/telemetry
sw/track-stacktraces
v4/2696
v1.0.0
v1.0.0-beta1
v1.0.0-beta2
v1.0.0-beta3
v1.0.0-beta4
v1.0.0-beta5
v1.0.0-beta6
v1.0.0-beta7
v1.0.0-rc.1
v1.0.0-rc.2
v1.0.0-rc.3
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v2.0.0
v2.1.0
v2.1.1
v2.1.10
v2.1.11
v2.1.12
v2.1.13
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8
v2.1.9
v3.0.0
v3.0.1
v3.0.2
v3.1.0
v3.1.1
v3.1.10
v3.1.11
v3.1.12
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.1.9
v4.0.0
${ noResults }
1 Commits (70a49b1d9d7a7086ffa5adb0bfcd057f7867142c)
| Author | SHA1 | Message | Date |
|---|---|---|---|
|
|
c795d81404
|
Fix integer overflow and bounds-checking vulnerabilities in EXR decoder (#3126)
* Fix integer overflow and bounds-checking vulnerabilities in EXR decoder Use ulong arithmetic in CalculateBytesPerRow and block size calculations to prevent integer overflow. Add validation for DataWindow dimensions, block size limits, and row offsets outside stream bounds. * Harden EXR row offset validation * EXR: validate sizes, prevent overflows, dispose image --------- Co-authored-by: James Jackson-South <james_south@hotmail.com> |
2 months ago |