decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service.