[
https://issues.apache.org/jira/browse/IMAGING-373?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gary D. Gregory resolved IMAGING-373.
-------------------------------------
Fix Version/s: 1.0
Resolution: Fixed
> OutOfMemory with invalid ICO input file
> ---------------------------------------
>
> Key: IMAGING-373
> URL: https://issues.apache.org/jira/browse/IMAGING-373
> Project: Commons Imaging
> Issue Type: Bug
> Components: Format: BMP, Format: ICO
> Affects Versions: 1.0-alpha3
> Reporter: Milan Nikl
> Priority: Major
> Fix For: 1.0
>
> Attachments: epine.ico
>
>
> While trying to _use org.apache.commons.imaging.formats.ico.IcoImageParser_
> to read an icon file, I'm getting OutOfMemory Error. The file is corrupted,
> but that should not lead to an Error.
> Icon is downloaded from [https://epine.es/assets/icos/epine.ico] and
> hopefully attached to this issue.
> [^epine.ico]
>
> Trying to debug the problem, I found out that the cause is in misinterpreting
> some values in
> _org.apache.commons.imaging.formats.bmp.BmpImageParser#readBmpHeaderInfo(java.io.InputStream,
> org.apache.commons.imaging.FormatCompliance)_ method while trying to load
> data of the single image bitmap in given ico file.
> While _fileSize_ value is 5990, the _bitmapDataOffset_ value parsed is
> 989265922. At the same time _expectedDataOffset_ value is 70, which leads to
> _extraBytes_ value of 989265852.
> Then
> _org.apache.commons.imaging.common.BinaryFunctions#readBytes(java.lang.String,
> java.io.InputStream, int, java.lang.String)_ tries to allocate byte array of
> size 989265852. Which exhausts available memory of the JVM.
> Maybe just a simple check of _extraBytes > bhi.fileSize_ could help?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
