You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by ki...@apache.org on 2018/02/10 10:14:38 UTC

commons-imaging git commit: IMAGING-215: prevent ArrayIndexOutOfBoundsException when creating Huffman table

Repository: commons-imaging
Updated Branches:
  refs/heads/master 7e7f96857 -> 6228007aa


IMAGING-215: prevent ArrayIndexOutOfBoundsException when creating Huffman table


Project: http://git-wip-us.apache.org/repos/asf/commons-imaging/repo
Commit: http://git-wip-us.apache.org/repos/asf/commons-imaging/commit/6228007a
Tree: http://git-wip-us.apache.org/repos/asf/commons-imaging/tree/6228007a
Diff: http://git-wip-us.apache.org/repos/asf/commons-imaging/diff/6228007a

Branch: refs/heads/master
Commit: 6228007aa81fb62e4c90e11d3a3efccf35f2df93
Parents: 7e7f968
Author: Bruno P. Kinoshita <br...@yahoo.com.br>
Authored: Sat Feb 10 22:39:50 2018 +1300
Committer: Bruno P. Kinoshita <br...@yahoo.com.br>
Committed: Sat Feb 10 23:12:19 2018 +1300

----------------------------------------------------------------------
 src/changes/changes.xml                         |   3 ++
 .../formats/jpeg/segments/DhtSegment.java       |   3 ++
 .../jpeg/JpegWithInvalidDhtSegmentTest.java     |  41 +++++++++++++++++++
 ...IndexOutOfBoundsException_DhtSegment_79.jpeg | Bin 0 -> 2746 bytes
 4 files changed, 47 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/commons-imaging/blob/6228007a/src/changes/changes.xml
----------------------------------------------------------------------
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 3237559..d06dbbd 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -46,6 +46,9 @@ The <action> type attribute can be add,update,fix,remove.
   <body>
 
     <release version="1.0" date="TBA" description="First major release">
+      <action issue="IMAGING-215" dev="kinow" type="fix">
+        ArrayIndexOutOfBoundsException in DhtSegment
+      </action>
       <action issue="IMAGING-203" dev="kinow" type="fix" due-to="Rody Kersten">
         JPEG segment size not validated
       </action>

http://git-wip-us.apache.org/repos/asf/commons-imaging/blob/6228007a/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java b/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java
index 81cfd20..8763aa8 100644
--- a/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java
+++ b/src/main/java/org/apache/commons/imaging/formats/jpeg/segments/DhtSegment.java
@@ -77,6 +77,9 @@ public class DhtSegment extends Segment {
             int si = huffSize[0];
             huffCode = new int[lastK];
             while (true) {
+                if (k >= lastK) {
+                    break;
+                }
                 huffCode[k] = code;
                 code++;
                 k++;

http://git-wip-us.apache.org/repos/asf/commons-imaging/blob/6228007a/src/test/java/org/apache/commons/imaging/formats/jpeg/JpegWithInvalidDhtSegmentTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/commons/imaging/formats/jpeg/JpegWithInvalidDhtSegmentTest.java b/src/test/java/org/apache/commons/imaging/formats/jpeg/JpegWithInvalidDhtSegmentTest.java
new file mode 100644
index 0000000..75cd4f7
--- /dev/null
+++ b/src/test/java/org/apache/commons/imaging/formats/jpeg/JpegWithInvalidDhtSegmentTest.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.imaging.formats.jpeg;
+
+import java.io.File;
+import java.util.Collections;
+import org.apache.commons.imaging.ImageReadException;
+import org.apache.commons.imaging.Imaging;
+import org.junit.Test;
+
+/**
+ * Test that an invalid segment will not cause an ArrayIndexOutOfBoundsException
+ * when the huffman table is created in a DHT segment.
+ */
+public class JpegWithInvalidDhtSegmentTest {
+
+    @Test(expected = ImageReadException.class)
+    public void testSingleImage() throws Exception {
+        // we cannot use ImagingTest and getImageByFileName, as it would cause others
+        // tests to fail
+        final File imageFile = new File(JpegWithInvalidDhtSegmentTest.class
+                .getResource("/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg")
+                .getFile());
+        Imaging.getMetadata(imageFile, Collections.<String, Object>emptyMap());
+    }
+}

http://git-wip-us.apache.org/repos/asf/commons-imaging/blob/6228007a/src/test/resources/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg
----------------------------------------------------------------------
diff --git a/src/test/resources/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg b/src/test/resources/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg
new file mode 100644
index 0000000..afc33cd
Binary files /dev/null and b/src/test/resources/IMAGING-215/ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg differ