From 670ff9cbeec7f103a3efa51cb02453fb9c1f111e Mon Sep 17 00:00:00 2001
From: Sam Lantinga <[EMAIL REDACTED]>
Date: Thu, 30 Apr 2026 21:34:34 -0700
Subject: [PATCH] Fixed attempted parsing of corrupt APNG file (thanks
@GHYoungKyun!)
Closes https://github.com/libsdl-org/SDL_image/pull/737
(cherry picked from commit 860487c4bd5985906b01610072fe4c7c914ef0f9)
---
src/IMG_libpng.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/IMG_libpng.c b/src/IMG_libpng.c
index 7a5e710b..f90c9b14 100644
--- a/src/IMG_libpng.c
+++ b/src/IMG_libpng.c
@@ -1502,8 +1502,8 @@ bool IMG_CreateAPNGAnimationDecoder(IMG_AnimationDecoder *decoder, SDL_Propertie
}
}
- if (!ctx->is_apng || ctx->fctl_count == 0) {
- SDL_SetError("Not an APNG file or no frame control chunks found");
+ if (!ctx->is_apng || ctx->fctl_count == 0 || ctx->actl.num_frames > ctx->fctl_count) {
+ SDL_SetError("Not an APNG file or not enough frame control chunks found");
IMG_AnimationDecoderClose_Internal(decoder);
return false;
}