[jira] [Updated] (IMAGING-222) JPEG segment size not validated

Tue, 26 Mar 2019 05:25:12 -0700 


     [ 
https://issues.apache.org/jira/browse/IMAGING-222?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Le Huu Quang Linh updated IMAGING-222:
--------------------------------------
    Description: 
Using my AFL-based fuzzer for Java. I found that a NegativeArraySizeException 
may be throw when attempting to read an invalid JPEG image.

{code:java}
public void traverseJFIF(final ByteSource byteSource, final Visitor visitor)
            throws ImageReadException,
            IOException {
        try (InputStream is = byteSource.getInputStream()) {
            readAndVerifyBytes(is, JpegConstants.SOI,
                    "Not a Valid JPEG File: doesn't begin with 0xffd8");
.....
{code}
I think you should add the handle NegativeArraySizeException exception

  was:
Using my AFL-based fuzzer for Java. I found that a NegativeArraySizeException 
may be throw when attempting to read an invalid JPEG image.

{code:java}
public void traverseJFIF(final ByteSource byteSource, final Visitor visitor)
            throws ImageReadException,
            IOException {
        try (InputStream is = byteSource.getInputStream()) {
            readAndVerifyBytes(is, JpegConstants.SOI,
                    "Not a Valid JPEG File: doesn't begin with 0xffd8");
{code}
I think you should add the handle NegativeArraySizeException exception


> JPEG segment size not validated
> -------------------------------
>
>                 Key: IMAGING-222
>                 URL: https://issues.apache.org/jira/browse/IMAGING-222
>             Project: Commons Imaging
>          Issue Type: Bug
>          Components: Format: JPEG
>            Reporter: Le Huu Quang Linh
>            Priority: Major
>         Attachments: NegSegment.jpg
>
>
> Using my AFL-based fuzzer for Java. I found that a NegativeArraySizeException 
> may be throw when attempting to read an invalid JPEG image.
> {code:java}
> public void traverseJFIF(final ByteSource byteSource, final Visitor visitor)
>             throws ImageReadException,
>             IOException {
>         try (InputStream is = byteSource.getInputStream()) {
>             readAndVerifyBytes(is, JpegConstants.SOI,
>                     "Not a Valid JPEG File: doesn't begin with 0xffd8");
> .....
> {code}
> I think you should add the handle NegativeArraySizeException exception



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to