You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by GitBox <gi...@apache.org> on 2020/01/19 20:38:20 UTC
[GitHub] [commons-imaging] kinow commented on a change in pull request #37:
[IMAGING-248]: ICNS: missing element types; some safety checks
kinow commented on a change in pull request #37: [IMAGING-248]: ICNS: missing element types; some safety checks
URL: https://github.com/apache/commons-imaging/pull/37#discussion_r368320786
##########
File path: src/main/java/org/apache/commons/imaging/formats/icns/IcnsImageParser.java
##########
@@ -195,19 +195,14 @@ public void dump(final PrintWriter pw) {
}
}
- private IcnsElement readIcnsElement(final InputStream is) throws IOException {
- final int type = read4Bytes("Type", is, "Not a Valid ICNS File", getByteOrder()); // Icon type
- // (4 bytes)
- final int elementSize = read4Bytes("ElementSize", is, "Not a Valid ICNS File", getByteOrder()); // Length
- // of
- // data
- // (4
- // bytes),
- // in
- // bytes,
- // including
- // this
- // header
+ private IcnsElement readIcnsElement(final InputStream is, final int remainingSize) throws IOException {
+ // Icon type (4 bytes)
+ final int type = read4Bytes("Type", is, "Not a Valid ICNS File", getByteOrder());
+ // Length of data (4 bytes), in bytes, including this header
+ final int elementSize = read4Bytes("ElementSize", is, "Not a Valid ICNS File", getByteOrder());
+ if (elementSize > remainingSize) {
Review comment:
The `groovy.icns` file mentioned in the PR fails to parse here 🤔 resulting in an exception
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services