[jira] [Updated] (IMAGING-164) Possible dereferencing of possibel null pointer in IcoImageParser::writeImage

JIRA Sat, 07 Feb 2015 03:23:44 -0800

     [ 
https://issues.apache.org/jira/browse/IMAGING-164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Michael Groß updated IMAGING-164:
---------------------------------
    Description: 
org.apache.commons.imaging.formats.ico.IcoImageParser::writeImage(final 
BufferedImage src, final OutputStream os, final ImagingParameters params)
may throw na unexpected NullPointerException because it of the following code:
{noformat}
final SimplePalette palette = paletteFactory.makeExactRgbPaletteSimple(src, 
256);
{noformat}
Then asking if the created palette is null. I will discuss where it comes from 
below. For now it is interesting that we set the variable bitCount despite the 
SimplePalette is null. Currently this makes no sense because the code will 
throw a NullPointerException later if SimplePalette is null.
{noformat}
if (palette == null) {
            if (hasTransparency) {
                bitCount = 32;
            } else {
                bitCount = 24;
            }
{noformat}
In the later for-loop we try to call *getPaletteIndex(rgb)* on the 
SimplePalette instance. If it contains null, we'll get a NullPointerException 
here.
{noformat}
for (int y = src.getHeight() - 1; y >= 0; y--) {
            for (int x = 0; x < src.getWidth(); x++) {
                final int argb = src.getRGB(x, y);
                if (bitCount < 8) {
                    final int rgb = 0xffffff & argb;
                    final int index = palette.getPaletteIndex(rgb); // possible 
NullPointerException
                   ...
                } else if (bitCount == 8) {
                    final int rgb = 0xffffff & argb;
                    final int index = palette.getPaletteIndex(rgb);  // 
possible NullPointerException
{noformat}

Why can SimplePalette be null? It comes from 
PaletteFactory::makeExactRgbPaletteSimple(final BufferedImage src, final int 
max). As it's javadoc says it will "fails by returning null if there are more 
than max colors necessary":
{noformat}
if (rgbs.add(rgb) && rgbs.size() > max) {
                    return null;
                }
{noformat}

My first idea goes to throw a RunTimeException rather than returning null. But 
one has to check if there are cases where the return of null causes some error 
handlich i.e. increasing the number of colors or creating another object.

  was:
org.apache.commons.imaging.formats.ico.IcoImageParser::writeImage(final 
BufferedImage src, final OutputStream os, final ImagingParameters params)
may throw na unexpected NullPointerException because it of the following code:
{noformat}
final SimplePalette palette = paletteFactory.makeExactRgbPaletteSimple(src, 
256);
{noformat}
Then asking if the created palette is null. I will discuss where it comes from 
below. For now it is interesting that we set the variable bitCount despite the 
SimplePalette is null. Currently this makes no sense because the code will 
throw a NullPointerException later if SimplePalette is null.
{noformat}
if (palette == null) {
            if (hasTransparency) {
                bitCount = 32;
            } else {
                bitCount = 24;
            }
{noformat}
In the later for-loop we try to call *getPaletteIndex(rgb)* on the 
SimplePalette instance. If it contains null, we'll get a NullPointerException 
here.
{noformat}
for (int y = src.getHeight() - 1; y >= 0; y--) {
            for (int x = 0; x < src.getWidth(); x++) {
                final int argb = src.getRGB(x, y);
                if (bitCount < 8) {
                    final int rgb = 0xffffff & argb;
                    final int index = palette.getPaletteIndex(rgb); // possible 
NullPointerException
                   ...
                } else if (bitCount == 8) {
                    final int rgb = 0xffffff & argb;
                    final int index = palette.getPaletteIndex(rgb);  // 
possible NullPointerException
{noformat}

Why can SimplePalette be null? It comes from 
PaletteFactory::makeExactRgbPaletteSimple(final BufferedImage src, final int 
max). As it's javadoc says it will "fails by returning {@code null} if there 
are more than {@code max} colors necessary":
{noformat}
if (rgbs.add(rgb) && rgbs.size() > max) {
                    return null;
                }
{noformat}

My first idea goes to throw a RunTimeException rather than returning null. But 
one has to check if there are cases where the return of null causes some error 
handlich i.e. increasing the number of colors or creating another object.


> Possible dereferencing of possibel null pointer in IcoImageParser::writeImage
> -----------------------------------------------------------------------------
>
>                 Key: IMAGING-164
>                 URL: https://issues.apache.org/jira/browse/IMAGING-164
>             Project: Commons Imaging
>          Issue Type: Bug
>          Components: Format: ICO
>            Reporter: Michael Groß
>             Fix For: Patch Needed
>
>
> org.apache.commons.imaging.formats.ico.IcoImageParser::writeImage(final 
> BufferedImage src, final OutputStream os, final ImagingParameters params)
> may throw na unexpected NullPointerException because it of the following code:
> {noformat}
> final SimplePalette palette = paletteFactory.makeExactRgbPaletteSimple(src, 
> 256);
> {noformat}
> Then asking if the created palette is null. I will discuss where it comes 
> from below. For now it is interesting that we set the variable bitCount 
> despite the SimplePalette is null. Currently this makes no sense because the 
> code will throw a NullPointerException later if SimplePalette is null.
> {noformat}
> if (palette == null) {
>             if (hasTransparency) {
>                 bitCount = 32;
>             } else {
>                 bitCount = 24;
>             }
> {noformat}
> In the later for-loop we try to call *getPaletteIndex(rgb)* on the 
> SimplePalette instance. If it contains null, we'll get a NullPointerException 
> here.
> {noformat}
> for (int y = src.getHeight() - 1; y >= 0; y--) {
>             for (int x = 0; x < src.getWidth(); x++) {
>                 final int argb = src.getRGB(x, y);
>                 if (bitCount < 8) {
>                     final int rgb = 0xffffff & argb;
>                     final int index = palette.getPaletteIndex(rgb); // 
> possible NullPointerException
>                    ...
>                 } else if (bitCount == 8) {
>                     final int rgb = 0xffffff & argb;
>                     final int index = palette.getPaletteIndex(rgb);  // 
> possible NullPointerException
> {noformat}
> Why can SimplePalette be null? It comes from 
> PaletteFactory::makeExactRgbPaletteSimple(final BufferedImage src, final int 
> max). As it's javadoc says it will "fails by returning null if there are more 
> than max colors necessary":
> {noformat}
> if (rgbs.add(rgb) && rgbs.size() > max) {
>                     return null;
>                 }
> {noformat}
> My first idea goes to throw a RunTimeException rather than returning null. 
> But one has to check if there are cases where the return of null causes some 
> error handlich i.e. increasing the number of colors or creating another 
> object.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (IMAGING-164) Possible dereferencing of possibel null pointer in IcoImageParser::writeImage

Reply via email to