[ https://issues.apache.org/jira/browse/IMAGING-215?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bruno P. Kinoshita updated IMAGING-215: --------------------------------------- Assignee: Bruno P. Kinoshita > ArrayIndexOutOfBoundsException in DhtSegment > -------------------------------------------- > > Key: IMAGING-215 > URL: https://issues.apache.org/jira/browse/IMAGING-215 > Project: Commons Imaging > Issue Type: Bug > Components: Format: JPEG > Affects Versions: 1.0 > Reporter: floyd > Assignee: Bruno P. Kinoshita > Priority: Major > Labels: security > Attachments: ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg > > > I simply ran the Kelinci AFL-based Java fuzzer with the common immaging as > explained here (with better input files than the author, fuzzing is all about > corpus data): > [https://github.com/isstac/kelinci/tree/master/examples/commons-imaging] > I found the following issue when parsing the attached file: > > {code:java} > Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 0 > at > org.apache.commons.imaging.formats.jpeg.segments.DhtSegment$HuffmanTable.<init>(DhtSegment.java:79) > at > org.apache.commons.imaging.formats.jpeg.segments.DhtSegment.<init>(DhtSegment.java:173) > at > org.apache.commons.imaging.formats.jpeg.segments.DhtSegment.<init>(DhtSegment.java:146) > at > org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.visitSegment(JpegDecoder.java:219) > at > org.apache.commons.imaging.formats.jpeg.JpegUtils.traverseJFIF(JpegUtils.java:89) > at > org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.decode(JpegDecoder.java:437) > at > org.apache.commons.imaging.formats.jpeg.JpegImageParser.getBufferedImage(JpegImageParser.java:97) > at driver.Driver.main(Driver.java:23) > {code} > The rest is as described in the link, I also used > commons-imaging-1.0-RC7.tar.gz > The parser doesn't declare that an ArrayIndexOutOfBoundsException could be > thrown. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)