RFR: 8287102: ImageReaderSpi.canDecodeInput() for standard plugins should return false if a stream is too short [v2]
Phil Race
prr at openjdk.java.net
Wed May 25 21:41:50 UTC 2022
On Mon, 23 May 2022 08:09:20 GMT, Martin Desruisseaux <duke at openjdk.java.net> wrote:
>> Invoking `ImageReaderSpi.canDecodeInput(Object)` with a stream having less than 8 bytes causes an `EOFException` to be thrown instead of returning `false`. This is caused by BMP, WBMP, GIF, PNG and TIFF reader implementations assuming that those bytes always exist and not checking EOF conditions. The JPEG reader is not impacted.
>>
>> The `CanDecodeTest` class in this pull request reproduces the problem and verifies that the patch solves it. The changes in `canDecodeInput(Object)` method bodies are:
>>
>> * Use `ImageInputStream.read()` instead of `readByte()` and check for -1 (EOF) return value.
>> * Replace `ImageInputStream.readFully(byte[])` calls by a private `tryReadFully` method.
>
> Martin Desruisseaux has updated the pull request incrementally with one additional commit since the last revision:
>
> Test all plugins, not only "BMP".
Marked as reviewed by prr (Reviewer).
-------------
PR: https://git.openjdk.java.net/jdk/pull/8700
More information about the client-libs-dev
mailing list