[OpenJDK 2D-Dev] [15] RFR JDK-8242557: Add length limit for strings in PNGImageWriter

[Jayathirth D v]

Update: “no limit on language tag” ---> “80 character limit on language tag”.

> On 27-Apr-2020, at 11:15 PM, Jayathirth D v <JAYATHIRTH.D.V at ORACLE.COM> wrote:
> 
> Hi Phil,
> 
> Thanks for your approval.
> I also noticed no limit on language tag in reader for iTXt and raised JDK-8243674 <https://bugs.openjdk.java.net/browse/JDK-8243674> before sending this review. It's on my todo list but not on high priority.
> 
> Regards,
> Jay 
> 
>> On 27-Apr-2020, at 10:51 PM, Philip Race <philip.race at oracle.com <mailto:philip.race at oracle.com>> wrote:
>> 
>> I reviewed  http://www.libpng.org/pub/png/spec/1.2/PNG-Chunks.html <http://www.libpng.org/pub/png/spec/1.2/PNG-Chunks.html>
>> and I think you covered all the cases.
>> 
>> I also reviewed the reader and it seems we already check only up to 80 chars there.
>> 
>> I note we assume the same max length of 80 for the language tag for iTxt.
>> The spec. doesn't specify a limit but I think 80 is more than generous here.
>> 
>> +1
>> 
>> -phil.
>> 
>> On 4/27/20, 9:59 AM, Jayathirth D v wrote:
>>> 
>>> Hello All,
>>> 
>>> Please review the following fix for JDK 15:
>>> 
>>> Bug : https://bugs.openjdk.java.net/browse/JDK-8242557 <https://bugs.openjdk.java.net/browse/JDK-8242557> 
>>> Webrev : http://cr.openjdk.java.net/~jdv/8242557/webrev.00/ <http://cr.openjdk.java.net/%7Ejdv/8242557/webrev.00/> 
>>> 
>>> Issue : PNG specification restricts length of strings in some chunks to 79(http://www.libpng.org/pub/png/spec/1.2/PNG-Chunks.html <http://www.libpng.org/pub/png/spec/1.2/PNG-Chunks.html> ) excluding null termination. But our writer implementation has no such check.
>>> Solution : Add checks in different chunks where there must be restrictions.
>>> 
>>> Thanks,
>>> Jay
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.java.net/pipermail/2d-dev/attachments/20200427/91d8eba8/attachment-0001.htm>