su zi qi

icon indicating a website link https://www.hust.edu.cn/

icon company Huazhong University of Science and Technology icon location Luoyu Road 1037, Wuhan, China icon location Huazhong University of Science and Technology,major in Cyberspace Security

Results 2 issues of su zi qi

libjxl JPEG XL decoder crash due to uninitialized pointer access in malformed images

**Describe the bug** There is a vulnerability in the libjxl JPEG XL decoder that causes a program crash due to an uninitialized pointer access when processing malformed JPEG XL files....

Stack-use-after-scope in Grid async decoding

1 comment

### Description Decoding a crafted HEIF grid image triggers stack-use-after-scope at libheif/image-items/grid.cc:498. The lambda passed to std::async captures a reference to the destroyed stack variable progress_counter, leading to info-leak or...