[
https://issues.apache.org/jira/browse/IMAGING-25?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Damjan Jovanovic resolved IMAGING-25.
-------------------------------------
Resolution: Later
Deferring to after the 1.0 release.
> integer overflow unhandled
> --------------------------
>
> Key: IMAGING-25
> URL: https://issues.apache.org/jira/browse/IMAGING-25
> Project: Commons Imaging
> Issue Type: Bug
> Components: Format: JPEG
> Affects Versions: 0.94-incubator
> Environment: win32, 32 bit operating systems
> Reporter: Greg Squires
> Attachments: concat-app13.patch, crash.jpeg
>
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> This function can throw an Exception in ByteSourceArray.java due to a
> negative byte[] allocation size. The length argument has been found to wrap
> when called from IccProfileParser.java.
> In 64bit machines, issues related to incorrect metadata, or ICC data can lead
> to incorrect and excess memory allocations. These large numbers however cause
> 32bit negative signed values.
> public byte[] getBlock(int start, int length) throws IOException
> {
> if (start + length > bytes.length)
> throw new IOException("Could not read block (block
> start: " + start
> + ", block length: " + length + ", data
> length: "
> + bytes.length + ").");
> byte result[] = new byte[length];
> System.arraycopy(bytes, start, result, 0, length);
> return result;
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
