RFR: 8318951: Additional negative value check in JPEG decoding
Victor Dyakov
vdyakov at openjdk.org
Fri Oct 27 16:10:33 UTC 2023
On Fri, 27 Oct 2023 05:54:04 GMT, Jayathirth D V <jdv at openjdk.org> wrote:
> We skip jpeg data during decoding using imageio_skip_input_data() in both src/java.desktop/share/native/libjavajpeg/imageioJPEG.c and src/java.desktop/share/native/libjavajpeg/jpegdecoder.c
>
> We update num_bytes with sb->remaining_skip in these functions and it can overflow. We need to add additional check for num_bytes here.
>
> With updated code ran all awt and imageio tests in CI and it is green.
@azvegint @prsadhuk please review
-------------
PR Comment: https://git.openjdk.org/jdk/pull/16390#issuecomment-1783166178
More information about the client-libs-dev
mailing list