Animation encoder soundness fix#51

Open
Shnatsel wants to merge 2 commits into
jaredforth:mainfrom
Shnatsel:animation-encoder-soundness-fix

Conversation

@Shnatsel
Contributor

@Shnatsel Shnatsel commented May 1, 2026

The animation encoder accepted AnimFrames whose dimensions were smaller than the animation canvas, but anim_encode() passed the canvas dimensions to new_picture() for every frame. This made libwebp import a smaller frame buffer as if it contained a full canvas-sized image, reading past the end of the declared frame data. In practice, trailing bytes after the frame slice could be encoded as pixels; this is an out-of-bounds read that may leak memory contents into the output.

Animated WebP itself supports subframes with offsets, but this crate’s AnimFrame API does not expose offset/blend/dispose fields, and libwebp’s WebPAnimEncoderAdd() expects full canvas snapshots. libwebp can then optimize those full snapshots into subframes internally.

This fix rejects animation frames whose dimensions do not match the canvas before calling into C, and also rejects frame buffers that are too small for their declared dimensions/layout.

The memory safety issue was discovered by GPT-5.5.
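The check the PR describes, written out as an added, stand-alone illustration in Rust. This is not the PR's diff or the webp crate's code: the `Frame` struct, `PixelLayout` enum, `FrameError` type and `validate_frame` function are assumptions for the example, standing in for the crate's real `AnimFrame` API. The point it demonstrates is the ordering the description calls for: reject a frame whose dimensions differ from the canvas, then reject a buffer shorter than `width * height * bytes_per_pixel` (with overflow-checked arithmetic), all before any pointer reaches the C encoder that would otherwise read past the end of the slice.

```rust
/// Pixel layout of a frame buffer. Assumed for this example only;
/// the real crate's layout type is not shown in the PR description.
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum PixelLayout {
    Rgb,
    Rgba,
}

impl PixelLayout {
    fn bytes_per_pixel(self) -> usize {
        match self {
            PixelLayout::Rgb => 3,
            PixelLayout::Rgba => 4,
        }
    }
}

/// Hypothetical frame: declared dimensions, layout and the raw pixel slice
/// that a C encoder would read from.
pub struct Frame<'a> {
    pub width: u32,
    pub height: u32,
    pub layout: PixelLayout,
    pub data: &'a [u8],
}

#[derive(Debug, PartialEq)]
pub enum FrameError {
    /// Frame dimensions differ from the animation canvas the encoder was
    /// told to expect for every frame.
    DimensionMismatch { canvas: (u32, u32), frame: (u32, u32) },
    /// width * height * bytes_per_pixel does not fit in usize.
    SizeOverflow,
    /// The slice is shorter than the declared dimensions/layout require,
    /// so the encoder would read past its end.
    BufferTooSmall { needed: usize, actual: usize },
}

/// Validate a frame before handing its buffer to an encoder that will read
/// canvas_width * canvas_height * bytes_per_pixel bytes from it.
pub fn validate_frame(
    canvas_width: u32,
    canvas_height: u32,
    frame: &Frame<'_>,
) -> Result<(), FrameError> {
    // 1. Every frame must be a full canvas snapshot; a smaller frame would be
    //    imported as if it were canvas-sized, reading beyond its data.
    if (frame.width, frame.height) != (canvas_width, canvas_height) {
        return Err(FrameError::DimensionMismatch {
            canvas: (canvas_width, canvas_height),
            frame: (frame.width, frame.height),
        });
    }

    // 2. The buffer must actually hold what the dimensions and layout claim.
    //    Checked multiplication keeps a hostile width/height from wrapping
    //    to a small "needed" value.
    let needed = (frame.width as usize)
        .checked_mul(frame.height as usize)
        .and_then(|px| px.checked_mul(frame.layout.bytes_per_pixel()))
        .ok_or(FrameError::SizeOverflow)?;

    if frame.data.len() < needed {
        return Err(FrameError::BufferTooSmall {
            needed,
            actual: frame.data.len(),
        });
    }

    Ok(())
}

fn main() {
    // Constructed sample: a 4x4 RGBA canvas and a 2x2 frame that must be rejected.
    let canvas = vec![0u8; 4 * 4 * 4];
    let full = Frame { width: 4, height: 4, layout: PixelLayout::Rgba, data: &canvas };
    let small = Frame { width: 2, height: 2, layout: PixelLayout::Rgba, data: &canvas[..16] };
    println!("full frame:  {:?}", validate_frame(4, 4, &full));
    println!("small frame: {:?}", validate_frame(4, 4, &small));
}
```

Only after `validate_frame` returns `Ok(())` is it safe to pass `frame.data.as_ptr()` and the canvas dimensions across the FFI boundary; the C side has no way to learn the slice length on its own.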
