Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.0-alpha2
-
None
-
None
Description
The following Java snippet crashes with a NegativeArraySizeException:
import java.io.IOException; import java.util.Base64; import java.util.HashMap; import org.apache.commons.imaging.ImageReadException; import org.apache.commons.imaging.common.bytesource.ByteSourceArray; import org.apache.commons.imaging.formats.jpeg.JpegImageParser; public class JpegImageParserCrash { public static byte[] btoa(String base64) { return Base64.getDecoder().decode(base64); } public static void main(String[] args) { byte[] input = btoa("/9j/wAAIQf//////"); try { new JpegImageParser().getBufferedImage(new ByteSourceArray(input), new HashMap<>()); } catch (IOException | ImageReadException e) {} } }
The stack trace is:
Exception in thread "main" java.lang.NegativeArraySizeException: -1
at org.apache.commons.imaging.formats.jpeg.segments.SofnSegment.<init>(SofnSegment.java:72)
at org.apache.commons.imaging.formats.jpeg.segments.SofnSegment.<init>(SofnSegment.java:56)
at org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.visitSegment(JpegDecoder.java:235)
at org.apache.commons.imaging.formats.jpeg.JpegUtils.traverseJFIF(JpegUtils.java:91)
at org.apache.commons.imaging.formats.jpeg.decoder.JpegDecoder.decode(JpegDecoder.java:543)
at org.apache.commons.imaging.formats.jpeg.JpegImageParser.getBufferedImage(JpegImageParser.java:104)
at JpegImageParserCrash.main(JpegImageParserCrash.java:17)