The gifuct-js package is a JavaScript library that allows you to decode and extract frames from GIF files. It is useful for developers who need to manipulate GIFs in the browser, such as extracting individual frames for further processing or analysis.
Decode GIF
This feature allows you to decode a GIF file and extract its frames. The code sample demonstrates how to use gifuct-js to parse a GIF buffer and decompress its frames, which can then be used for various purposes such as displaying or analyzing individual frames.
const { parseGIF, decompressFrames } = require('gifuct-js');
// buffer holds the raw bytes of the GIF file
const gif = parseGIF(buffer);
const frames = decompressFrames(gif, true);
Extract Frames
This feature allows you to extract frames from a GIF and access their properties. The code sample shows how to iterate over the frames extracted from a GIF and log their dimensions and pixel data, which can be useful for custom rendering or processing.
const { parseGIF, decompressFrames } = require('gifuct-js');
// buffer holds the raw bytes of the GIF file
const gif = parseGIF(buffer);
const frames = decompressFrames(gif, true);
// Log each frame's dimensions and its pixel patch
frames.forEach(frame => {
  console.log(frame.dims, frame.patch);
});
gif.js is a JavaScript library that allows you to create GIFs in the browser. Unlike gifuct-js, which focuses on decoding and extracting frames from existing GIFs, gif.js is used for generating new GIFs from image data or canvas elements.
omggif is a JavaScript library for reading and writing GIF files. It provides low-level access to GIF data, similar to gifuct-js, but also includes functionality for creating GIFs. While gifuct-js is more focused on frame extraction, omggif offers a broader range of GIF manipulation capabilities.
A Simple to use javascript .GIF decoder.
We needed to be able to efficiently load and manipulate GIF files for the Ruffle hybrid app (for mobiles). There are a couple of example libraries out there like jsgif & its derivative libgif-js, however these are admittedly inefficient, and a mess. After pulling our hair out trying to understand the ancient, mystic gif format (hence the project name), we decided to just roll our own. This library also removes any specific drawing code, and simply parses, and decompresses gif files so that you can manipulate and display them however you like. We do include imageData patch construction though to get you most of the way there.
You can see a demo of this library in action here
Installation:
npm install gifuct-js
Decoding:
This decoder uses js-binary-schema-parser to parse the gif files (you can examine the schema in the source). This means the gif file must first be converted into a Uint8Array buffer in order to decode it. Some examples:
fetch
import { parseGIF, decompressFrames } from 'gifuct-js'
var promisedGif = fetch(gifURL)
  .then(resp => resp.arrayBuffer())
  .then(buff => parseGIF(buff))
  .then(gif => decompressFrames(gif, true));
XMLHttpRequest
import { parseGIF, decompressFrames } from 'gifuct-js'
var oReq = new XMLHttpRequest();
oReq.open("GET", gifURL, true);
oReq.responseType = "arraybuffer";
oReq.onload = function (oEvent) {
  var arrayBuffer = oReq.response; // Note: not oReq.responseText
  if (arrayBuffer) {
    var gif = parseGIF(arrayBuffer);
    var frames = decompressFrames(gif, true);
    // do something with the frame data
  }
};
oReq.send(null);
Result:
The decompressFrames(gif, buildPatch) function returns an array of all the GIF image frames and their metadata. Here is an example frame:
{
  // The color table lookup index for each pixel
  pixels: [...],
  // the dimensions of the gif frame (see disposal method)
  dims: {
    top: 0,
    left: 10,
    width: 100,
    height: 50
  },
  // the time in milliseconds that this frame should be shown
  delay: 50,
  // the disposal method (see below)
  disposalType: 1,
  // an array of colors that the pixel data points to
  colorTable: [...],
  // An optional color index that represents transparency (see below)
  transparentIndex: 33,
  // Uint8ClampedArray color converted patch information for drawing
  patch: [...]
}
Automatic Patch Generation:
If the buildPatch param of the decompressFrames() function is true, the parser will not only return the parsed and decompressed gif frames, but will also create canvas-ready Uint8ClampedArray arrays of each gif frame image, so that they can easily be drawn using ctx.putImageData(), for example. This requirement is common, however it was made optional because it makes assumptions about transparency. The demo makes use of this option.
Disposal Method:
The pixel data is stored as a list of indexes for each pixel. These each point to a value in the colorTable array, which contains the color that each pixel should be drawn. Each frame of the gif may not be the full size, but instead a patch that needs to be drawn over a particular location. The disposalType defines how that patch should be drawn over the gif canvas. In most cases, that value will be 1, indicating that the gif frame should be simply drawn over the existing gif canvas without altering any pixels outside the frame's patch dimensions. More can be read about this here.
Transparency:
If a transparentIndex is defined for a frame, it means that any pixel within the pixel data that matches this index should not be drawn. When drawing the patch using canvas, this means setting the alpha value for this pixel to 0.
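The mapping from pixel indexes through colorTable and transparentIndex to an RGBA patch, written defensively for frames decoded from untrusted GIF files. This is an added example, not gifuct-js's own code: buildPatchChecked, maxPixels and the [r, g, b] shape of colorTable entries are assumptions, and the sample frame is constructed.

```javascript
// Added example, not gifuct-js source. Assumes colorTable entries are [r, g, b].
function buildPatchChecked(frame, maxPixels = 4096 * 4096) {
  const { pixels, dims, colorTable, transparentIndex } = frame;
  const { width, height } = dims;

  // Validate dimensions before allocating anything sized by them.
  if (!Number.isInteger(width) || !Number.isInteger(height) ||
      width <= 0 || height <= 0 || width * height > maxPixels) {
    throw new RangeError('frame dimensions out of bounds');
  }
  const total = width * height;

  // A truncated or padded pixel list does not describe a width x height patch.
  if (pixels.length !== total) {
    throw new RangeError(`expected ${total} pixels, got ${pixels.length}`);
  }

  // Zero-filled, so every pixel starts fully transparent (alpha 0).
  const patch = new Uint8ClampedArray(total * 4);
  let outOfRange = 0;

  for (let i = 0; i < total; i++) {
    const index = pixels[i];
    if (index === transparentIndex) continue; // not drawn: alpha stays 0
    const color = colorTable[index];
    if (color === undefined) { // index points past the color table
      outOfRange++;
      continue;
    }
    const p = i * 4;
    patch[p] = color[0];
    patch[p + 1] = color[1];
    patch[p + 2] = color[2];
    patch[p + 3] = 255;
  }
  return { patch, outOfRange };
}

// Constructed sample frame: 2x2, index 2 is transparent, index 9 is invalid.
const sampleFrame = {
  pixels: [0, 1, 2, 9],
  dims: { top: 0, left: 0, width: 2, height: 2 },
  colorTable: [[255, 0, 0], [0, 255, 0], [0, 0, 255]],
  transparentIndex: 2
};
const { patch, outOfRange } = buildPatchChecked(sampleFrame);
console.log(Array.from(patch), outOfRange);
```

A non-zero outOfRange count means the frame references colors its table does not contain, which is worth logging when the GIF comes from an untrusted source.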
Check out the demo for an example of how to draw/manipulate a gif using this library. We wanted the library to be drawing agnostic to allow users to do what they wish with the raw gif data, rather than impose a method that has to be altered. On this note however, we provide an easy interface for creating commonly used canvas pixel data for drawing ease.
We underestimated the convolutedness of the GIF format, so this library couldn't have been made without the help of:
FAQs
Easy to use efficient .GIF parsing in javascript
The npm package gifuct-js receives a total of 83,732 weekly downloads. As such, gifuct-js popularity was classified as popular.
We found that gifuct-js demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.