Milan Nikl created IMAGING-373:
----------------------------------

             Summary: OutOfMemory with invalid ICO input file
                 Key: IMAGING-373
                 URL: https://issues.apache.org/jira/browse/IMAGING-373
             Project: Commons Imaging
          Issue Type: Bug
          Components: Format: BMP, Format: ICO
    Affects Versions: 1.0-alpha3
            Reporter: Milan Nikl
         Attachments: epine.ico

While trying to use _org.apache.commons.imaging.formats.ico.IcoImageParser_ to 
read an icon file, I'm getting OutOfMemory Error. The file is corrupted, but 
that should not lead to an Error.

Icon is downloaded from [https://epine.es/assets/icos/epine.ico] and hopefully 
attached to this issue.

[^epine.ico]

 

Trying to debug the problem, I found out that the cause is in misinterpreting 
some values in the 
_org.apache.commons.imaging.formats.bmp.BmpImageParser#readBmpHeaderInfo(java.io.InputStream,
 org.apache.commons.imaging.FormatCompliance)_ method while trying to load the data 
of the single image bitmap in the given ico file.

While the _fileSize_ value is 5990, the _bitmapDataOffset_ value parsed is 
989265922. At the same time the _expectedDataOffset_ value is 70, which leads to 
an _extraBytes_ value of 989265852.

Then 
_org.apache.commons.imaging.common.BinaryFunctions#readBytes(java.lang.String, 
java.io.InputStream, int, java.lang.String)_ tries to allocate a byte array of 
size 989265852, which exhausts the available memory of the JVM.

Maybe just a simple check of _extraBytes > bhi.fileSize_ could help?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
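
The bounds check suggested in the report, written out as an added example; this is not Commons Imaging code and not part of the original message. The class and method names (ExtraBytesCheck, checkedExtraBytes, readExactly) are hypothetical, and the second input in main is constructed.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;

public class ExtraBytesCheck {

    // Hypothetical helper: validate the gap between declared and expected data offset.
    static int checkedExtraBytes(int fileSize, int bitmapDataOffset, int expectedDataOffset)
            throws IOException {
        // Subtract in long so an extreme offset cannot wrap around the int range.
        long extraBytes = (long) bitmapDataOffset - expectedDataOffset;
        if (extraBytes < 0) {
            throw new IOException("bitmapDataOffset " + bitmapDataOffset
                    + " lies before expected offset " + expectedDataOffset);
        }
        // The check suggested in the report: the gap cannot exceed the declared file size.
        if (extraBytes > fileSize) {
            throw new IOException("extraBytes " + extraBytes
                    + " exceeds declared fileSize " + fileSize);
        }
        return (int) extraBytes; // safe: 0 <= extraBytes <= fileSize
    }

    // Hypothetical helper: read exactly 'length' bytes and fail on a short stream.
    static byte[] readExactly(InputStream in, int length) throws IOException {
        byte[] data = in.readNBytes(length); // Java 11+; returns fewer bytes at end of stream
        if (data.length != length) {
            throw new IOException("stream ended after " + data.length + " of " + length + " bytes");
        }
        return data;
    }

    public static void main(String[] args) throws IOException {
        // Values quoted in the report: fileSize 5990, bitmapDataOffset 989265922, expected 70.
        try {
            checkedExtraBytes(5990, 989265922, 70);
            throw new AssertionError("corrupt header was accepted");
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        // Constructed well-formed case: offset 74 leaves 4 bytes to skip before the pixel data.
        int extra = checkedExtraBytes(5990, 74, 70);
        byte[] skipped = readExactly(new ByteArrayInputStream(new byte[16]), extra);
        System.out.println("accepted: skipped " + skipped.length + " bytes");
    }
}
```

With the reported values the header is rejected with an IOException before any buffer is allocated, so a corrupt file produces a parse failure instead of an OutOfMemoryError.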
