You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by gg...@apache.org on 2023/06/03 21:52:47 UTC

[commons-imaging] branch master updated: Better exception reporting

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-imaging.git


The following commit(s) were added to refs/heads/master by this push:
     new 231019e5 Better exception reporting
231019e5 is described below

commit 231019e52cef3b7bc17f044e8cd39e3088610ae5
Author: Gary Gregory <ga...@gmail.com>
AuthorDate: Sat Jun 3 17:50:56 2023 -0400

    Better exception reporting
    
    oss-fuzz issue 59566
---
 .../apache/commons/imaging/common/ImageBuilder.java | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/src/main/java/org/apache/commons/imaging/common/ImageBuilder.java b/src/main/java/org/apache/commons/imaging/common/ImageBuilder.java
index 8c5c1d7b..68537c4e 100644
--- a/src/main/java/org/apache/commons/imaging/common/ImageBuilder.java
+++ b/src/main/java/org/apache/commons/imaging/common/ImageBuilder.java
@@ -293,16 +293,23 @@ public class ImageBuilder {
     }
 
     /**
-     * Sets the RGB or ARGB value for the pixel at position (x,y)
-     * within the image builder pixel field. For performance reasons,
-     * no bounds checking is applied.
+     * Sets the RGB or ARGB value for the pixel at position (x,y) within the image builder pixel field. For performance
+     * reasons, no bounds checking is applied.
      *
-     * @param x the X coordinate of the pixel to be set
-     * @param y the Y coordinate of the pixel to be set
+     * @param x    the X coordinate of the pixel to be set.
+     * @param y    the Y coordinate of the pixel to be set.
      * @param argb the RGB or ARGB value to be stored.
+     * @throws ArithmeticException if the index computation overflows an int.
+     * @throws IllegalArgumentException if the resulting index is illegal.
      */
     public void setRGB(final int x, final int y, final int argb) {
-        final int rowOffset = y * width;
-        data[rowOffset + x] = argb;
+        // Throw ArithmeticException if the result overflows an int.
+        final int rowOffset = Math.multiplyExact(y, width);
+        // Throw ArithmeticException if the result overflows an int.
+        final int index = Math.addExact(rowOffset, x);
+        if (index > data.length) {
+            throw new IllegalArgumentException("setRGB: Illegal array index.");
+        }
+        data[index] = argb;
     }
 }