CR 7148271 REGESSION with PNG Image loading
Xueming Shen
xueming.shen at oracle.com
Tue Mar 13 22:37:54 UTC 2012
On 3/13/2012 1:09 PM, Alan Bateman wrote:
> On 13/03/2012 19:03, Xueming Shen wrote:
>>
>> While this indeed is a "regression", the question is do we really
>> want this
>> behavior (allow those corrupt zip/png files without throwing
>> exception) to
>> be the default behavior? A possible approach is to by default the
>> j.u.zip.Inflater/PNGImageReader rejects such files (by throwing a zip
>> exception,
>> as the current JDK7 does) and to tolerate such files only with some
>> -D flag,
>> for example -Djava.util.zip.InflateAllowInvalidDistance. This
>> definitely will
>> be inconvenient for those who like the PNGImageReader to just work as
>> it did
>> in previous releases, but appears to be a more reasonable for me.
>>
>> Opinion?
> This is tough one, do you have any sense for how common this issue is?
> What are the downsides or risks to ignoring invalid distance values?
I don't know "how common" this issue is. So far this is the first
incident I heard so far. However
given JDK7 (the release we upgraded the internal zlib after almost
decade) is just out, I would expect
we might hear more.
The downside of ignoring is that the error is simply ignored "silently".
It would be reasonable to
assume some users want to be alerted by the exception throwing that the
zip/png file they are
working on is broken. With INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
on, the inflater
now will fill the output buffer with 0 for those invalid bits.
-Sherman
More information about the core-libs-dev
mailing list