File tree Expand file tree Collapse file tree 2 files changed +18
-18
lines changed Expand file tree Collapse file tree 2 files changed +18
-18
lines changed Original file line number Diff line number Diff line change @@ -124,13 +124,27 @@ Moreover the size calculated by `spng_decoded_image_size()` can be checked
124124against a hard limit before allocating memory for the output image.
125125
126126Chunks of arbitrary length (e.g. text, color profiles) take up additional memory,
127- ` spng_set_chunk_limits() ` is used to set hard limits on chunk length- and cache limits,
128- note that reaching either limit is handled as a fatal error.
127+ ` spng_set_chunk_limits() ` is used to set hard limits on chunk length and overall memory usage.
129128
130129Since v0.7.0 the ` SPNG_CHUNK_COUNT_LIMIT ` option controls how many chunks can be stored,
131130the default is ` 1000 ` and is configurable through [ ` spng_set_option() ` ] ( context.md#spng_set_option ) ,
132131this limit is independent of the chunk cache limit.
133132
133+ Note that exceeding any of the chunk limits is handled as an out-of-memory error.
134+
135+ ## Decoding untrusted files
136+
137+ To decode untrusted files safely it is required to at least:
138+
139+ * Set an upper limit on image dimensions with ` spng_set_image_limits() ` .
140+
141+ * Use ` spng_decoded_image_size() ` to calculate the output image size
142+ and check it against a constant limit.
143+
144+ * Set a chunk size and chunk cache limit with ` spng_set_chunks_limits() `
145+ to control memory usage and avoid DoS from decompression bombs.
146+
147+
134148# API
135149
136150See also: [ spng_set_png_stream()] ( context.md#spng_set_png_stream ) , [ spng_set_png_file()] ( context.md#spng_set_png_file ) .
Original file line number Diff line number Diff line change @@ -26,19 +26,5 @@ spng_ctx_free(ctx);
2626
2727```
2828
29- For a complete example see [example.c](https://github.com/randy408/libspng/blob/v0.7.3/examples/example.c).
30-
31-
32- ## Decoding untrusted files
33-
34- To decode untrusted files safely it is required to at least:
35-
36- * Set an upper image width and height limit with `spng_set_image_limits()`.
37-
38- * Use `spng_decoded_image_size()` to calculate the output image size
39- and check it against a constant limit.
40-
41- * Set a chunk size and chunk cache limit with `spng_set_chunks_limits()`
42- to avoid running out of memory. Note that exceeding either limit is
43- handled as an out-of-memory error since v0.6.0.
44-
29+ For a complete example see [example.c](https://github.com/randy408/libspng/blob/v0.7.3/examples/example.c)
30+ and [Decoding untrusted files](decode.md#decoding-untrusted-files)
You can’t perform that action at this time.
0 commit comments