this post was submitted on 30 Jun 2024
166 points (86.4% liked)
memes
16616 readers
2369 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads
No advertisements or spam. This is an instance rule and the only way to live.
A collection of some classic Lemmy memes for your enjoyment
Sister communities
- !tenforward@lemmy.world : Star Trek memes, chat and shitposts
- !lemmyshitpost@lemmy.world : Lemmy Shitposts, anything and everything goes.
- !linuxmemes@lemmy.world : Linux themed memes
- !comicstrips@lemmy.world : for those who love comic stories.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Isn't there an issue with webp where it could potentially run arbitrary code?
I actually held a presentation on it, yeah! It wasn't really a webp problem, but an issue in the image decoder library which was used in basically.. everything to open Webp. What happened was that you could tell the OS to build a super bad (Huffman Tree, which in turn led to the decoding not fitting in the allocated memory space and overflowing.
Didn't every imaging lib have similar issues? They are always supposed to be fast and get implemented in C and humans fail memory management. Neverending story...
I see! Thank you for clearing that up.
"Can't media format X run arbitrary code" is almost never an issue with the format itself and virtually always a bug with a particular decoder/player.