Commit c5ae55a6 for libheif
commit c5ae55a697808db13ea48d20fa5c95d2dae08cdc
Author: Dirk Farin <dirk.farin@gmail.com>
Date: Mon Feb 23 23:49:35 2026 +0100
check that decoded image size matches the claimed size (#1709)
diff --git a/libheif/api/libheif/heif_image.cc b/libheif/api/libheif/heif_image.cc
index 4c6fe2a5..e19af209 100644
--- a/libheif/api/libheif/heif_image.cc
+++ b/libheif/api/libheif/heif_image.cc
@@ -68,6 +68,7 @@ int heif_image_get_height(const heif_image* img, heif_channel channel)
int heif_image_get_primary_width(const heif_image* img)
{
+ return uint32_to_int(img->image->get_primary_width());
if (img->image->get_colorspace() == heif_colorspace_RGB) {
if (img->image->get_chroma_format() == heif_chroma_444) {
return uint32_to_int(img->image->get_width(heif_channel_G));
@@ -84,6 +85,7 @@ int heif_image_get_primary_width(const heif_image* img)
int heif_image_get_primary_height(const heif_image* img)
{
+ return uint32_to_int(img->image->get_primary_height());
if (img->image->get_colorspace() == heif_colorspace_RGB) {
if (img->image->get_chroma_format() == heif_chroma_444) {
return uint32_to_int(img->image->get_height(heif_channel_G));
diff --git a/libheif/context.cc b/libheif/context.cc
index 4787837c..8ad18ee3 100644
--- a/libheif/context.cc
+++ b/libheif/context.cc
@@ -1311,6 +1311,20 @@ Result<std::shared_ptr<HeifPixelImage>> HeifContext::decode_image(heif_item_id I
std::shared_ptr<HeifPixelImage> img = *decodingResult;
+ // --- check that the decoded image has the claimed size (only check if transformations are applied)
+
+ if (!options.ignore_transformations &&
+ !(img->get_colorspace() == heif_colorspace_nonvisual ||
+ img->get_colorspace() == heif_colorspace_undefined) &&
+ (imgitem->get_width() != img->get_primary_width() ||
+ imgitem->get_height() != img->get_primary_height())) {
+ return Error{
+ heif_error_Invalid_input,
+ heif_suberror_Invalid_image_size,
+ "Decoded image does not have the claimed size."
+ };
+ }
+
// --- convert to output chroma format
auto img_result = convert_to_output_colorspace(img, out_colorspace, out_chroma, options);
diff --git a/libheif/pixelimage.cc b/libheif/pixelimage.cc
index 9b2b608e..113c6a5e 100644
--- a/libheif/pixelimage.cc
+++ b/libheif/pixelimage.cc
@@ -716,6 +716,38 @@ uint32_t HeifPixelImage::get_height(enum heif_channel channel) const
}
+uint32_t HeifPixelImage::get_primary_width() const
+{
+ if (m_colorspace == heif_colorspace_RGB) {
+ if (m_chroma == heif_chroma_444) {
+ return get_width(heif_channel_G);
+ }
+ else {
+ return get_width(heif_channel_interleaved);
+ }
+ }
+ else {
+ return get_width(heif_channel_Y);
+ }
+}
+
+
+uint32_t HeifPixelImage::get_primary_height() const
+{
+ if (m_colorspace == heif_colorspace_RGB) {
+ if (m_chroma == heif_chroma_444) {
+ return get_height(heif_channel_G);
+ }
+ else {
+ return get_height(heif_channel_interleaved);
+ }
+ }
+ else {
+ return get_height(heif_channel_Y);
+ }
+}
+
+
std::set<heif_channel> HeifPixelImage::get_channel_set() const
{
std::set<heif_channel> channels;
diff --git a/libheif/pixelimage.h b/libheif/pixelimage.h
index 33342052..f11a4a60 100644
--- a/libheif/pixelimage.h
+++ b/libheif/pixelimage.h
@@ -243,6 +243,12 @@ public:
bool has_odd_height() const { return !!(m_height & 1); }
+ // TODO: currently only defined for colorspace RGB, YCbCr, Monochrome
+ uint32_t get_primary_width() const;
+
+ // TODO: currently only defined for colorspace RGB, YCbCr, Monochrome
+ uint32_t get_primary_height() const;
+
heif_chroma get_chroma_format() const { return m_chroma; }
heif_colorspace get_colorspace() const { return m_colorspace; }