Full Disclosure mailing list archives
Re: memory required for a PNG file
From: A.L.M.Buxey () lboro ac uk
Date: Fri, 24 Jul 2009 06:47:19 +0100
Hi,
Hi How do we calculate memory required for a PNG file from the dimensions of width and height contained in the file? It seems that attackers make use width and height to take control of clients.
just from H+W? you cant - you'd have to know oher things such as depth, alpha layer presence, ancillary data container, gamma info. given that most attacks using images are using some buffer overflow in the parser you *might* be able to write your own 'PNG viewer' that would check the the image is sane and hope you hadnt coded any mistakes too... ;-) alan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- memory required for a PNG file Murthy N Srinivas-B22237 (Jul 23)
- Re: memory required for a PNG file A . L . M . Buxey (Jul 23)