[OpenJDK 2D-Dev] 6782079: PNG: reading metadata may cause OOM on truncated images
Martin von Gagern
Martin.vGagern at gmx.net
Fri Dec 12 17:23:20 UTC 2008
Hi Andrew,
Looking at the patch from the webrev you sent me via private email, and
comparing it to my previous bug6541476-corrections.patch, I have some
comments.
The addition of a maxLength parameter to readNullTerminatedString makes
sense, as it avoids some problems on malformed input. It is my
understanding, however, that all strings read via
readNullTerminatedString should in a well formed PNG actually be null
terminated. Therefore in my opinion reaching the limit should cause an
exception to be thrown, not simply return the string read so far.
There was a hunk in my patch changing the possible valies for
compressionFlag of an iTXtEntry from 1/0 to TRUE/FALSE. YOu moved this
change to your patch for 5082756. That's OK by me, but requires patches
to be applied in the corret order. That's the reason I had that change
bundled with my patch.
Greetings,
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://mail.openjdk.java.net/pipermail/2d-dev/attachments/20081212/4627d110/signature.asc>
More information about the 2d-dev
mailing list