[OpenJDK 2D-Dev] [9] RFR: JDK-8167278: ArrayIndexOutOfBoundsException when calling ImageIO.read(InputStream) with RLE4 BMP

Jayathirth D V jayathirth.d.v at oracle.com
Thu Jan 19 07:05:38 UTC 2017

Hi Prahalad,

Please find my observations :

1) Since you have moved calculation of "lineStride" to different function I think we can optimize it more by moving the calculation of lineStride inside the "else if ((lineNo - sourceRegion.y) % scaleY == 0)" because it is not used in "if (noTransform)" case.

2) Also there is small typo at line 1670 "// REL4 decoding" and please remove trailing spaces in test case before pushing.

Apart from these things changes are working fine.

Also I noted that we are not using "padding" parameter  passed to decodeRLE4() function. 
Not using this padding parameter will cause any problems while decoding?

If it is not needed we can remove "padding" parameter in decodeRLE4() and its calculation in readRLE4().If it is not under the scope of this bug you can raise a new bug for the same.

-----Original Message-----
From: Prahalad Kumar Narayanan 
Sent: Friday, January 13, 2017 2:54 PM
To: 2d-dev at openjdk.java.net
Subject: [OpenJDK 2D-Dev] [9] RFR: JDK-8167278: ArrayIndexOutOfBoundsException when calling ImageIO.read(InputStream) with RLE4 BMP

Hello Everyone

Good day to you.

Request your time in reviewing the fix for bug
    . [JDK-8167278] : ArrayIndexOutOfBoundsException when calling ImageIO.read(InputStream) with RLE4 BMP 

Root Cause
    . The issue seems to stem from a mal-formed RLE4 Encoded Bitmap Image
    . Specifically - the width as mentioned in header and encoded image data do not match.
    . Unfortunately, the decoder logic doesn't contain guard checks to prevent out of bounds array access.

Fix Details:
    . Necessary guard conditions have been put to the RLE4 bitmap decoding logic.
    . Besides, two new issues were observed in same function block. They have been addressed as well.
             i. The last scanline of decoded image is missed in destination image (when EoF sequence arrives without EoL)
                    . This was observed with a sample image created with gimp tool.
             ii. Handling of Delta encoding (0x00 0x02 xOffset yOffset)
                    . The scanline of decoded image should be copied to destination if yOff shifts next pixel's location to other line
                    . Secondly, the scanline index should be limited by boundary value after x and y offsets are added.
                    . Note: I couldn't create a suitable image with Delta encoding in image buffer. Hence this small change could not be tested.

Other Details:
    . The fix was run through both Jtreg and JCK test suites. No regressions were seen.

The changes are available for your review under: 
    Link: http://cr.openjdk.java.net/~pnarayanan/8167278/webrev.00/

Kindly review the changes at your convenience and share your feedback.

Thank you for your time in review
Have a good day

Prahalad N.

More information about the 2d-dev mailing list