[IMAGING-222] JPEG segment size not validated - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Cannot Reproduce
Affects Version/s: None
Fix Version/s: 1.0-alpha1
Component/s: Format: JPEG
Labels:
None

Description

Using my AFL-based fuzzer for Java. I found that a NegativeArraySizeException may be throw when attempting to read an invalid JPEG image.

public void traverseJFIF(final ByteSource byteSource, final Visitor visitor)
            throws ImageReadException,
            IOException {
        try (InputStream is = byteSource.getInputStream()) {
            readAndVerifyBytes(is, JpegConstants.SOI,
                    "Not a Valid JPEG File: doesn't begin with 0xffd8");
.....

I think you should add the handle NegativeArraySizeException exception

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

NegSegment.jpg
26/Mar/19 12:19
0.0 kB
Le Huu Quang Linh

Activity

People

Assignee:: Bruno P. Kinoshita

Reporter:: Le Huu Quang Linh

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 26/Mar/19 12:23

Updated:: 07/Aug/20 04:32

Resolved:: 16/May/19 01:34