Repository: commons-imaging Updated Branches: refs/heads/master 7e7f96857 -> 6228007aa
IMAGING-215: prevent ArrayIndexOutOfBoundsException when creating Huffman table Project: http://git-wip-us.apache.org/repos/asf/commons-imaging/repo Commit: http://git-wip-us.apache.org/repos/asf/commons-imaging/commit/6228007a Tree: http://git-wip-us.apache.org/repos/asf/commons-imaging/tree/6228007a Diff: http://git-wip-us.apache.org/repos/asf/commons-imaging/diff/6228007a Branch: refs/heads/master Commit: 6228007aa81fb62e4c90e11d3a3efccf35f2df93 Parents: 7e7f968 Author: Bruno P. Kinoshita <brunodepau...@yahoo.com.br> Authored: Sat Feb 10 22:39:50 2018 +1300 Committer: Bruno P. Kinoshita <brunodepau...@yahoo.com.br> Committed: Sat Feb 10 23:12:19 2018 +1300 ---------------------------------------------------------------------- src/changes/changes.xml | 3 ++ .../formats/jpeg/segments/DhtSegment.java | 3 ++ .../jpeg/JpegWithInvalidDhtSegmentTest.java | 41 +++++++++++++++++++ ...IndexOutOfBoundsException_DhtSegment_79.jpeg | Bin 0 -> 2746 bytes 4 files changed, 47 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/commons-imaging/blob/6228007a/src/changes/changes.xml ---------------------------------------------------------------------- diff --git a/src/changes/changes.xml b/src/changes/changes.xml index 3237559..d06dbbd 100644 --- a/src/changes/changes.xml +++ b/src/changes/changes.xml @@ -46,6 +46,9 @@ The <action> type attribute can be add,update,fix,remove. <body> <release version="1.0" date="TBA" description="First major release"> + <action issue="IMAGING-215" dev="kinow" type="fix"> + ArrayIndexOutOfBoundsException in DhtSegment + </action> <action issue="IMAGING-203" dev="kinow" type="fix" due-to="Rody Kersten"> JPEG segment size not validated </action> http://git-wip-us.apache.org/repos/asf/commons-imaging/blob/6228007a/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java ---------------------------------------------------------------------- diff --git a/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java b/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java index 81cfd20..8763aa8 100644 --- a/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java +++ b/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java @@ -77,6 +77,9 @@ public class DhtSegment extends Segment { int si = huffSize[0]; huffCode = new int[lastK]; while (true) { + if (k >= lastK) { + break; + } huffCode[k] = code; code++; k++; http://git-wip-us.apache.org/repos/asf/commons-imaging/blob/6228007a/src/test/java/org/apache/commons/imaging/formats/jpeg/JpegWithInvalidDhtSegmentTest.java ---------------------------------------------------------------------- diff --git a/src/test/java/org/apache/commons/imaging/formats/jpeg/JpegWithInvalidDhtSegmentTest.java b/src/test/java/org/apache/commons/imaging/formats/jpeg/JpegWithInvalidDhtSegmentTest.java new file mode 100644 index 0000000..75cd4f7 --- /dev/null +++ b/src/test/java/org/apache/commons/imaging/formats/jpeg/JpegWithInvalidDhtSegmentTest.java @@ -0,0 +1,41 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.commons.imaging.formats.jpeg; + +import java.io.File; +import java.util.Collections; +import org.apache.commons.imaging.ImageReadException; +import org.apache.commons.imaging.Imaging; +import org.junit.Test; + +/** + * Test that an invalid segment will not cause an ArrayIndexOutOfBoundsException + * when the huffman table is created in a DHT segment. + */ +public class JpegWithInvalidDhtSegmentTest { + + @Test(expected = ImageReadException.class) + public void testSingleImage() throws Exception { + // we cannot use ImagingTest and getImageByFileName, as it would cause others + // tests to fail + final File imageFile = new File(JpegWithInvalidDhtSegmentTest.class + .getResource("/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg") + .getFile()); + Imaging.getMetadata(imageFile, Collections.<String, Object>emptyMap()); + } +} http://git-wip-us.apache.org/repos/asf/commons-imaging/blob/6228007a/src/test/resources/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg ---------------------------------------------------------------------- diff --git a/src/test/resources/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg b/src/test/resources/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg new file mode 100644 index 0000000..afc33cd Binary files /dev/null and b/src/test/resources/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg differ
