RFR: 8287102: ImageReaderSpi.canDecodeInput() for standard plugins should return false if a stream is too short [v2]
Martin Desruisseaux
duke at openjdk.java.net
Thu May 26 11:46:40 UTC 2022
On Mon, 23 May 2022 08:09:20 GMT, Martin Desruisseaux <duke at openjdk.java.net> wrote:
>> Invoking `ImageReaderSpi.canDecodeInput(Object)` with a stream having less than 8 bytes causes an `EOFException` to be thrown instead of returning `false`. This is caused by BMP, WBMP, GIF, PNG and TIFF reader implementations assuming that those bytes always exist and not checking EOF conditions. The JPEG reader is not impacted.
>>
>> The `CanDecodeTest` class in this pull request reproduces the problem and verifies that the patch solves it. The changes in `canDecodeInput(Object)` method bodies are:
>>
>> * Use `ImageInputStream.read()` instead of `readByte()` and check for -1 (EOF) return value.
>> * Replace `ImageInputStream.readFully(byte[])` calls by a private `tryReadFully` method.
>
> Martin Desruisseaux has updated the pull request incrementally with one additional commit since the last revision:
>
> Test all plugins, not only "BMP".
As a minor note, in `com.sun.imageio.plugins.common.ReaderUtil` class the `readMultiByteInteger(ImageInputStream)` method is used only by `WBMPImageReader`. Would it be worth to move (in a separated pull request) that method in `WBMPImageReader` for saving a few bytes in the common case where WBMP format is not used?
-------------
PR: https://git.openjdk.java.net/jdk/pull/8700
More information about the client-libs-dev
mailing list