Skip to content

GIF: Check for end of stream when reading comments. #2954

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 24, 2025
Merged

GIF: Check for end of stream when reading comments. #2954

merged 1 commit into from
Jun 24, 2025

Conversation

JimBobSquarePants
Copy link
Member

Prerequisites

  • I have written a descriptive pull-request title
  • I have verified that there are no overlapping pull-requests open
  • I have verified that I am following the existing coding patterns and practice as demonstrated in the repository. These follow strict Stylecop rules 👮.
  • I have provided test coverage for my change (where applicable)

Description

Fixes #2953

Copilot
Copilot AI reviewed Jun 24, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds an explicit end-of-stream check when reading GIF comment sub-blocks to prevent infinite loops or silent failures, and covers the change with a new test case for issue #2953.

  • Insert EOF check in ReadComments to throw InvalidImageContentException on truncated GIF comments
  • Add a new LFS pointer test asset and register it in TestImages
  • Add GifDecoderTests.Issue2953 to verify Identify and Load both throw on invalid GIF

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File Description
tests/Images/Input/Gif/issues/issue_2953.gif Added new test asset (LFS pointer placeholder)
tests/ImageSharp.Tests/TestImages.cs Registered Issue2953 constant for the new test image
tests/ImageSharp.Tests/Formats/Gif/GifDecoderTests.cs Added Issue2953 test to assert InvalidImageContentException
src/ImageSharp/Formats/Gif/GifDecoderCore.cs Inserted EOF (length == -1) check in ReadComments to catch streams ending prematurely
Comments suppressed due to low confidence (1)

tests/Images/Input/Gif/issues/issue_2953.gif:1

  • This is an LFS pointer file rather than a real or truncated GIF; it may not actually trigger the new EOF branch. Consider replacing it with a minimal or truncated GIF file to exercise the comment-reading EOF check in tests.
version https://git-lfs.github.com/spec/v1

src/ImageSharp/Formats/Gif/GifDecoderCore.cs
@@ -414,6 +414,11 @@ private void ReadComments(BufferedReadStream stream)
GifThrowHelper.ThrowInvalidImageContentException($"Gif comment length '{length}' exceeds max '{GifConstants.MaxCommentSubBlockLength}' of a comment data block");
}

if (length == -1)
Copy link
Preview

Copilot AI Jun 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpick] Consider moving the EOF check (length < 0) before the max-length validation to follow a consistent ordering of bounds checks and avoid any accidental fall-through.

Copilot uses AI. Check for mistakes.

src/ImageSharp/Formats/Gif/GifDecoderCore.cs
@@ -414,6 +414,11 @@ private void ReadComments(BufferedReadStream stream)
GifThrowHelper.ThrowInvalidImageContentException($"Gif comment length '{length}' exceeds max '{GifConstants.MaxCommentSubBlockLength}' of a comment data block");
}

if (length == -1)
{
GifThrowHelper.ThrowInvalidImageContentException("Unexpected end of stream while reading gif comment");
Copy link
Preview

Copilot AI Jun 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpick] The exception message uses lowercase 'gif'; for consistency with other GIF-related messages in the codebase, consider capitalizing it to 'GIF'.

Suggested change
GifThrowHelper.ThrowInvalidImageContentException("Unexpected end of stream while reading gif comment");
GifThrowHelper.ThrowInvalidImageContentException("Unexpected end of stream while reading GIF comment");

Copilot uses AI. Check for mistakes.

tests/ImageSharp.Tests/Formats/Gif/GifDecoderTests.cs
public void Issue2953<TPixel>(TestImageProvider<TPixel> provider)
where TPixel : unmanaged, IPixel<TPixel>
{
// We should throw a InvalidImageContentException when trying to identify or load an invalid GIF file.
Copy link
Preview

Copilot AI Jun 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Replace 'a InvalidImageContentException' with 'an InvalidImageContentException' to correct the article usage.

Suggested change
// We should throw a InvalidImageContentException when trying to identify or load an invalid GIF file.
// We should throw an InvalidImageContentException when trying to identify or load an invalid GIF file.

Copilot uses AI. Check for mistakes.

@JimBobSquarePants JimBobSquarePants mentioned this pull request Jun 24, 2025
Merged
4 tasks
@JimBobSquarePants JimBobSquarePants merged commit 833f3ce into main Jun 24, 2025
32 of 43 checks passed
@JimBobSquarePants JimBobSquarePants deleted the js/fix-2953 branch June 24, 2025 23:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@antonfirsov antonfirsov antonfirsov approved these changes

Assignees
No one assigned
Labels
bug formats:gif security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Security: Infinite loop when decoding a crafted gif
2 participants
@JimBobSquarePants @antonfirsov