> This adds support for parsing thumbnails in an APP1 Exif marker.
>
> This builds on an unfinished proposal by Brian Burkhalter (around 2016). In
> that previous work the only additional meta info he parsed was the image
> creation time; this PR similarly includes the same property. (I can't speak
> to why he included that property, but it looks like he has a lot of
> experience with ImageIO so I trust his judgment.)
>
> ~~The test addresses the original images attached to the ticket plus a few
> extra images I found on my computer that include unusual properties.
> (Possibly those images are malformed, but if they exist in the wild and other
> platforms support them then I'd prefer to support them too.)~~
>
> The images used in this test are contributed by Brian and me.
Jeremy has updated the pull request with a new target base due to a merge or a
rebase. The incremental webrev excludes the unrelated changes brought in by the
merge/rebase. The pull request contains 31 additional commits since the last
revision:
- Merge branch 'master' into JDK-8160327
- Merge branch 'openjdk:master' into master
- Revert "8160327: trying to placate PR script"
This reverts commit 52cf81f49a61d80c473b69e4a504eeb1d03c38a3.
- 8160327: trying to placate PR script
The github script still classifies two of the sample jpgs as executable
files, which it classifies as errors.
- 8160327: trying to placate PR script
Some github script is concluding:
```
Errors
⚠️ Executable files are not allowed (file:
test/jdk/javax/imageio/plugins/jpeg/JpegExifThumbnail/jfif_and_exif.jpg)
⚠️ Executable files are not allowed (file:
test/jdk/javax/imageio/plugins/jpeg/JpegExifThumbnail/malicious_looping_IFD.jpg)
```
I'm trying to figure what separates these files from the other JPGs. Maybe I
need to use hyphens instead of underscores...? Let's check.
- 8160327: replacing the "sony-d700" image
The origins of that image were unknown, so we weren't sure if we had the
rights to store it in the OpenJDK repo.
I couldn't figure out how to create this kind of uncompressed thumbnail from
an image editing app, so I spliced this new file together manually in a hex
editor using the sony-d700 image as a blueprint.
- 8160327: fix looping ImageFileDirectory vulnerability
There was a `while` loop that someone could exploit to loop infinitely. Now
we read exactly 2 iterations and stop.
- 8160327: remove bug ID from image file names
Now the bug ID is mentioned in their parent directory name.
This is in response to:
https://github.com/openjdk/jdk/pull/22898#issuecomment-2675396159
- 8160327: replace image of unknown origin with my own image
- 8160327: alphabetize imports
This is in response to:
https://github.com/openjdk/jdk/pull/22898#discussion_r1956718373
- ... and 21 more: https://git.openjdk.org/jdk/compare/5c43b70e...b70b0802
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/22898/files
- new: https://git.openjdk.org/jdk/pull/22898/files/52cf81f4..b70b0802
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=22898&range=07
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=22898&range=06-07
Stats: 252503 lines in 5866 files changed: 122075 ins; 103730 del; 26698 mod
Patch: https://git.openjdk.org/jdk/pull/22898.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/22898/head:pull/22898
PR: https://git.openjdk.org/jdk/pull/22898
