Fabian Meumertzheim created IMAGING-275:
-------------------------------------------
Summary: NegativeArraySizeException in SofnSegment
Key: IMAGING-275
URL: https://issues.apache.org/jira/browse/IMAGING-275
Project: Commons Imaging
Issue Type: Bug
Components: Format: JPEG
Affects Versions: 1.0-alpha2
Reporter: Fabian Meumertzheim
Attachments: JpegImageParserCrash.java
The following Java snippet crashes with a NegativeArraySizeException:
{code:java}
import java.io.IOException;
import java.util.Base64;
import java.util.HashMap;
import org.apache.commons.imaging.ImageReadException;
import org.apache.commons.imaging.common.bytesource.ByteSourceArray;
import org.apache.commons.imaging.formats.jpeg.JpegImageParser;
public class JpegImageParserCrash {
public static byte[] btoa(String base64) {
return Base64.getDecoder().decode(base64);
}
public static void main(String[] args) {
byte[] input = btoa("/9j/wAAIQf//////");
try {
new JpegImageParser().getBufferedImage(new ByteSourceArray(input),
new HashMap<>());
} catch (IOException | ImageReadException e) {}
}
}
{code}
The stack trace is:
{noformat}
Exception in thread "main" java.lang.NegativeArraySizeException: -1
at
org.apache.commons.imaging.formats.jpeg.segments.SofnSegment.<init>(SofnSegment.java:72)
at
org.apache.commons.imaging.formats.jpeg.segments.SofnSegment.<init>(SofnSegment.java:56)
at
org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.visitSegment(JpegDecoder.java:235)
at
org.apache.commons.imaging.formats.jpeg.JpegUtils.traverseJFIF(JpegUtils.java:91)
at
org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.decode(JpegDecoder.java:543)
at
org.apache.commons.imaging.formats.jpeg.JpegImageParser.getBufferedImage(JpegImageParser.java:104)
at JpegImageParserCrash.main(JpegImageParserCrash.java:17)
{noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
