GdkPixbuf GIF Decoder Uninitialized Memory Disclosure Vulnerability

Vulnerability

A memory disclosure vulnerability has been identified in GdkPixbuf's GIF parser, specifically within the LZW decoder. When the decoder encounters an invalid symbol during the decompression process, it erroneously reports the output size as the full buffer length instead of the actual number of bytes written. This flaw allows uninitialized portions of the buffer to be included in the output, potentially leaking arbitrary memory contents through the processed image.
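The length-reporting flaw described above, shown as an added example in C (a simplified model written for this page, not GdkPixbuf's decoder or its patch). The toy code stream, the function names and the 0xAA fill value are assumptions made for illustration; the fill value stands in for uninitialized memory so the stale bytes can be counted.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Toy code stream, not the GIF LZW format: codes 0..3 are literal pixel
 * values, 4 ends the stream, anything above 4 is an invalid symbol. */
enum { END_CODE = 4 };

/* Flawed pattern: an invalid symbol makes the decoder claim the whole buffer. */
size_t decode_flawed(const uint8_t *codes, size_t n, uint8_t *out, size_t out_len)
{
    size_t written = 0;
    for (size_t i = 0; i < n && written < out_len; i++) {
        if (codes[i] == END_CODE) break;
        if (codes[i] > END_CODE) return out_len; /* bytes past 'written' were never set */
        out[written++] = codes[i];
    }
    return written;
}

/* Corrected pattern: every exit path reports only the bytes actually written. */
size_t decode_fixed(const uint8_t *codes, size_t n, uint8_t *out, size_t out_len)
{
    size_t written = 0;
    for (size_t i = 0; i < n && written < out_len; i++) {
        if (codes[i] >= END_CODE) break; /* end of stream or invalid symbol */
        out[written++] = codes[i];
    }
    return written;
}

typedef size_t (*decode_fn)(const uint8_t *, size_t, uint8_t *, size_t);

/* Counts bytes inside the reported length that the decoder never wrote. */
size_t stale_bytes(decode_fn decode)
{
    static const uint8_t codes[] = { 1, 2, 3, 9, 0 }; /* constructed input; 9 is invalid */
    uint8_t out[16];
    size_t stale = 0;
    memset(out, 0xAA, sizeof out); /* 0xAA stands in for uninitialized heap contents */
    size_t reported = decode(codes, sizeof codes, out, sizeof out);
    for (size_t i = 0; i < reported; i++)
        stale += (out[i] == 0xAA);
    return stale;
}
```

A caller that trusts the reported length copies the stale bytes into its output along with the decoded ones; zero-filling the buffer before decoding is a second layer of defence that makes the same mistake harmless.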

Impact

Exploitation of this vulnerability can lead to unauthorized access to uninitialized memory, which may contain sensitive information.

Reproduction

To reproduce this vulnerability, create a crafted GIF file that includes invalid LZW symbols. When this GIF is processed by GdkPixbuf, the decoder will incorrectly handle the invalid symbols, leading to the inclusion of uninitialized memory in the output image. After processing, the leaked memory contents can be accessed from the resulting pixbuf.

Added: Jun 17, 2025, 3:17 PM
Updated: Jun 17, 2025, 3:17 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 3.3
exploitability: 4.8
remediation: 0.0
relevance: 0.2
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.