Author: tilman
Date: Sun Mar 1 06:28:52 2026
New Revision: 1932085
Log:
PDFBOX-6171: rewrite getDecodeArray() so that enlarged arrays are truncated but
keep all the checks
Modified:
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/SampledImageReader.java
Modified:
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/SampledImageReader.java
==============================================================================
---
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/SampledImageReader.java
Sun Mar 1 04:20:03 2026 (r1932084)
+++
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/SampledImageReader.java
Sun Mar 1 06:28:52 2026 (r1932085)
@@ -33,6 +33,7 @@ import javax.imageio.stream.MemoryCacheI
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.LogManager;
import org.apache.pdfbox.cos.COSArray;
+import org.apache.pdfbox.cos.COSBase;
import org.apache.pdfbox.cos.COSNumber;
import org.apache.pdfbox.filter.DecodeOptions;
import org.apache.pdfbox.pdmodel.graphics.color.PDColorSpace;
@@ -741,45 +742,40 @@ final class SampledImageReader
private static float[] getDecodeArray(PDImage pdImage) throws IOException
{
final COSArray cosDecode = pdImage.getDecode();
- float[] decode = null;
if (cosDecode != null)
{
int numberOfComponents =
pdImage.getColorSpace().getNumberOfComponents();
- if (cosDecode.size() != numberOfComponents * 2)
+ if (cosDecode.size() >= numberOfComponents * 2)
{
- if (pdImage.isStencil() && cosDecode.size() >= 2
- && cosDecode.get(0) instanceof COSNumber
- && cosDecode.get(1) instanceof COSNumber)
- {
- float decode0 = ((COSNumber)
cosDecode.get(0)).floatValue();
- float decode1 = ((COSNumber)
cosDecode.get(1)).floatValue();
- if (decode0 >= 0 && decode0 <= 1 && decode1 >= 0 &&
decode1 <= 1)
+ boolean error = false;
+ float[] decode = new float[numberOfComponents * 2];
+ for (int i = 0; i < decode.length; ++i)
+ {
+ COSBase base = cosDecode.get(i);
+ if (base instanceof COSNumber)
{
- LOG.warn(
- "decode array {} not compatible with color
space, using the first two entries",
- cosDecode);
- return new float[]
- {
- decode0, decode1
- };
+ decode[i] = ((COSNumber) base).floatValue();
+ }
+ else
+ {
+ error = true;
+ break;
}
}
- LOG.error("decode array {} not compatible with color space,
using default",
- cosDecode);
- }
- else
- {
- decode = cosDecode.toFloatArray();
+ if (pdImage.isStencil() && (decode[0] < 0 || decode[0] > 1 ||
decode[1] < 0 || decode[1] > 1))
+ {
+ error = true;
+ }
+ if (!error)
+ {
+ return decode;
+ }
}
}
// use color space default
- if (decode == null)
- {
- return
pdImage.getColorSpace().getDefaultDecode(pdImage.getBitsPerComponent());
- }
-
- return decode;
+ LOG.error("decode array {} not compatible with color space, using
default", cosDecode);
+ return
pdImage.getColorSpace().getDefaultDecode(pdImage.getBitsPerComponent());
}
}
