tiff.Encode will iterate over every row in an image under some circumstances, even when the image width is 0. This can cause high CPU usage when encoding an image where the width*height is 0.
This was reported to us as a potential vulnerability. While we consider excessive CPU usage in decoding a malicious input to be in-scope for vulnerabilities, we do not consider malicious inputs to Encode to be within our threat model.
x/image/tiff should probably just return an error when encountering a zero-size image on either encode or decode.
tiff.Encodewill iterate over every row in an image under some circumstances, even when the image width is 0. This can cause high CPU usage when encoding an image where the width*height is 0.This was reported to us as a potential vulnerability. While we consider excessive CPU usage in decoding a malicious input to be in-scope for vulnerabilities, we do not consider malicious inputs to
Encodeto be within our threat model.x/image/tiffshould probably just return an error when encountering a zero-size image on either encode or decode.