This is an automated email from the ASF dual-hosted git repository. garydgregory pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/commons-imaging.git
commit 2696d272de0f98c7f567e4d84176f5eb8dc4cf59 Author: Gary Gregory <[email protected]> AuthorDate: Tue Jun 23 15:07:24 2026 +0000 Fix int overflow in PCX image buffer sizing, now throws AllocationRequestException (#552). --- src/changes/changes.xml | 1 + .../org/apache/commons/imaging/formats/pcx/PcxImageParserTest.java | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/changes/changes.xml b/src/changes/changes.xml index d657fbe3..953817e4 100644 --- a/src/changes/changes.xml +++ b/src/changes/changes.xml @@ -50,6 +50,7 @@ The <action> type attribute can be add,update,fix,remove. <!-- FIX --> <action type="fix" dev="ggregory" due-to="Gary Gregory">Fix Apache RAT plugin console warnings.</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">Fix Javadoc warnings.</action> + <action type="fix" dev="ggregory" due-to="alhuda, Gary Gregory">Fix int overflow in PCX image buffer sizing, now throws AllocationRequestException (#552).</action> <!-- ADD --> <!-- UPDATE --> <action type="update" dev="ggregory" due-to="Gary Gregory, Dependabot">Bump org.apache.commons:commons-parent from 83 to 102 #527, #530, #539, #544, #546, #550.</action> diff --git a/src/test/java/org/apache/commons/imaging/formats/pcx/PcxImageParserTest.java b/src/test/java/org/apache/commons/imaging/formats/pcx/PcxImageParserTest.java index 683b52b8..b12ff23b 100644 --- a/src/test/java/org/apache/commons/imaging/formats/pcx/PcxImageParserTest.java +++ b/src/test/java/org/apache/commons/imaging/formats/pcx/PcxImageParserTest.java @@ -26,8 +26,8 @@ class PcxImageParserTest { /** * A 24-bit PCX header whose width and height are both 65536 makes {@code rowLength * ySize} overflow {@code int} and wrap to a tiny value, which used to - * slip past the {@link AllocationRequestException} guard and allocate an undersized buffer. The size is now computed in {@code long}, so the real - * request is rejected. + * slip past the {@link AllocationRequestException} guard and allocate an undersized buffer. The size is now computed in {@code long}, so the real request + * is rejected. */ @Test void testBufferSizeOverflow() {
