[
https://issues.apache.org/jira/browse/IMAGING-215?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16359360#comment-16359360
]
Bruno P. Kinoshita commented on IMAGING-215:
--------------------------------------------
Now the code will throw another error:
{noformat}
Exception in thread "main" java.io.IOException: Not a Valid JPEG File
at
org.apache.commons.imaging.common.BinaryFunctions.readByte(BinaryFunctions.java:74)
at
org.apache.commons.imaging.formats.jpeg.segments.DhtSegment.<init>(DhtSegment.java:161)
at
org.apache.commons.imaging.formats.jpeg.segments.DhtSegment.<init>(DhtSegment.java:138)
at
org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.visitSegment(JpegDecoder.java:221)
at
org.apache.commons.imaging.formats.jpeg.JpegUtils.traverseJFIF(JpegUtils.java:91)
at
org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.decode(JpegDecoder.java:438)
at
org.apache.commons.imaging.formats.jpeg.JpegImageParser.getBufferedImage(JpegImageParser.java:99)
at
org.apache.commons.imaging.ImageParser.getBufferedImage(ImageParser.java:552)
at
org.apache.commons.imaging.formats.jpeg.JpegImageParser.main(JpegImageParser.java:1169)
{noformat}
> ArrayIndexOutOfBoundsException in DhtSegment
> --------------------------------------------
>
> Key: IMAGING-215
> URL: https://issues.apache.org/jira/browse/IMAGING-215
> Project: Commons Imaging
> Issue Type: Bug
> Components: Format: JPEG
> Affects Versions: 1.0
> Reporter: floyd
> Assignee: Bruno P. Kinoshita
> Priority: Major
> Labels: security
> Attachments: ArrayIndexOutOfBoundsException_DhtSegment_79.jpeg
>
>
> I simply ran the Kelinci AFL-based Java fuzzer with the common immaging as
> explained here (with better input files than the author, fuzzing is all about
> corpus data):
> [https://github.com/isstac/kelinci/tree/master/examples/commons-imaging]
> I found the following issue when parsing the attached file:
>
> {code:java}
> Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 0
> at
> org.apache.commons.imaging.formats.jpeg.segments.DhtSegment$HuffmanTable.<init>(DhtSegment.java:79)
> at
> org.apache.commons.imaging.formats.jpeg.segments.DhtSegment.<init>(DhtSegment.java:173)
> at
> org.apache.commons.imaging.formats.jpeg.segments.DhtSegment.<init>(DhtSegment.java:146)
> at
> org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.visitSegment(JpegDecoder.java:219)
> at
> org.apache.commons.imaging.formats.jpeg.JpegUtils.traverseJFIF(JpegUtils.java:89)
> at
> org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.decode(JpegDecoder.java:437)
> at
> org.apache.commons.imaging.formats.jpeg.JpegImageParser.getBufferedImage(JpegImageParser.java:97)
> at driver.Driver.main(Driver.java:23)
> {code}
> The rest is as described in the link, I also used
> commons-imaging-1.0-RC7.tar.gz
> The parser doesn't declare that an ArrayIndexOutOfBoundsException could be
> thrown.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
