Skip to content

Commit 06b33a0

Browse files
mrserbmrserb
committedFeb 4, 2021
8261107: ArrayIndexOutOfBoundsException in the ICC_Profile.getInstance(InputStream)
Reviewed-by: azvegint, psadhukhan
·
jdk-25+17jdk-17-ga
1 parent 60f440d commit 06b33a0

File tree

2 files changed

+56
-2
lines changed

2 files changed

+56
-2
lines changed
 

‎src/java.desktop/share/classes/java/awt/color/ICC_Profile.java

+2-2
Original file line numberDiff line numberDiff line change
@@ -975,10 +975,10 @@ public static ICC_Profile getInstance(InputStream s) throws IOException {
975975
static byte[] getProfileDataFromStream(InputStream s) throws IOException {
976976

977977
BufferedInputStream bis = new BufferedInputStream(s);
978-
bis.mark(128);
978+
bis.mark(128); // 128 is the length of the ICC profile header
979979

980980
byte[] header = bis.readNBytes(128);
981-
if (header[36] != 0x61 || header[37] != 0x63 ||
981+
if (header.length < 128 || header[36] != 0x61 || header[37] != 0x63 ||
982982
header[38] != 0x73 || header[39] != 0x70) {
983983
return null; /* not a valid profile */
984984
}

‎test/jdk/java/awt/color/ICC_Profile/GetInstanceBrokenStream.java

+54
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,54 @@
1+
/*
2+
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
3+
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4+
*
5+
* This code is free software; you can redistribute it and/or modify it
6+
* under the terms of the GNU General Public License version 2 only, as
7+
* published by the Free Software Foundation.
8+
*
9+
* This code is distributed in the hope that it will be useful, but WITHOUT
10+
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11+
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12+
* version 2 for more details (a copy is included in the LICENSE file that
13+
* accompanied this code).
14+
*
15+
* You should have received a copy of the GNU General Public License version
16+
* 2 along with this work; if not, write to the Free Software Foundation,
17+
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18+
*
19+
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20+
* or visit www.oracle.com if you need additional information or have any
21+
* questions.
22+
*/
23+
24+
import java.awt.color.ICC_Profile;
25+
import java.io.ByteArrayInputStream;
26+
import java.io.IOException;
27+
28+
/**
29+
* @test
30+
* @bug 8261107
31+
* @summary Short and broken streams should be reported as unsupported
32+
*/
33+
public final class GetInstanceBrokenStream {
34+
35+
public static void main(String[] args) throws IOException {
36+
// Empty header
37+
testHeader(new byte[]{});
38+
// Short header
39+
testHeader(new byte[]{-12, 3, 45});
40+
// Broken header
41+
testHeader(new byte[]{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
42+
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30,
43+
31, 32, 33, 34, 35, 0x61, 0x63, 0x73, 0x70});
44+
}
45+
46+
private static void testHeader(byte[] data) throws IOException {
47+
ByteArrayInputStream bais = new ByteArrayInputStream(data);
48+
try {
49+
ICC_Profile.getInstance(bais);
50+
} catch (IllegalArgumentException e) {
51+
// expected
52+
}
53+
}
54+
}

7 commit comments

Comments
 (7)

openjdk-notifier[bot] commented on Feb 4, 2021

@openjdk-notifier[bot]
openjdk-notifier[bot]
on Feb 4, 2021

Review

Issues

mrserb commented on Feb 21, 2022

@mrserb
mrserb
on Feb 21, 2022
MemberAuthor

/backport jdk11u-dev

openjdk[bot] commented on Feb 21, 2022

@openjdk[bot]
openjdk[bot]
on Feb 21, 2022

@mrserb the backport was successfully created on the branch mrserb-backport-06b33a0a in my personal fork of openjdk/jdk11u-dev. To create a pull request with this backport targeting openjdk/jdk11u-dev:master, just click the following link:

➡️ Create pull request

The title of the pull request is automatically filled in correctly and below you find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit 06b33a0a from the openjdk/jdk repository.

The commit being backported was authored by Sergey Bylokhov on 4 Feb 2021 and was reviewed by Alexander Zvegintsev and Prasanta Sadhukhan.

Thanks!

If you need to update the source branch of the pull then run the following commands in a local clone of your personal fork of openjdk/jdk11u-dev:

$ git fetch https://github.com/openjdk-bots/jdk11u-dev mrserb-backport-06b33a0a:mrserb-backport-06b33a0a
$ git checkout mrserb-backport-06b33a0a
# make changes
$ git add paths/to/changed/files
$ git commit --message 'Describe additional changes made'
$ git push https://github.com/openjdk-bots/jdk11u-dev mrserb-backport-06b33a0a

mrserb commented on Feb 22, 2022

@mrserb
mrserb
on Feb 22, 2022
MemberAuthor

/backport jdk15u-dev

openjdk[bot] commented on Feb 22, 2022

@openjdk[bot]
openjdk[bot]
on Feb 22, 2022

@mrserb the backport was successfully created on the branch mrserb-backport-06b33a0a in my personal fork of openjdk/jdk15u-dev. To create a pull request with this backport targeting openjdk/jdk15u-dev:master, just click the following link:

➡️ Create pull request

The title of the pull request is automatically filled in correctly and below you find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit 06b33a0a from the openjdk/jdk repository.

The commit being backported was authored by Sergey Bylokhov on 4 Feb 2021 and was reviewed by Alexander Zvegintsev and Prasanta Sadhukhan.

Thanks!

If you need to update the source branch of the pull then run the following commands in a local clone of your personal fork of openjdk/jdk15u-dev:

$ git fetch https://github.com/openjdk-bots/jdk15u-dev mrserb-backport-06b33a0a:mrserb-backport-06b33a0a
$ git checkout mrserb-backport-06b33a0a
# make changes
$ git add paths/to/changed/files
$ git commit --message 'Describe additional changes made'
$ git push https://github.com/openjdk-bots/jdk15u-dev mrserb-backport-06b33a0a

mrserb commented on Mar 24, 2022

@mrserb
mrserb
on Mar 24, 2022
MemberAuthor

/backport jdk8u-dev

openjdk[bot] commented on Mar 24, 2022

@openjdk[bot]
openjdk[bot]
on Mar 24, 2022

@mrserb Could not automatically backport 06b33a0a to openjdk/jdk8u-dev due to conflicts in the following files:

  • jdk/test/java/awt/color/ICC_Profile/GetInstanceBrokenStream.java
  • src/java.desktop/share/classes/java/awt/color/ICC_Profile.java

To manually resolve these conflicts run the following commands in your personal fork of openjdk/jdk8u-dev:

$ git checkout -b mrserb-backport-06b33a0a
$ git fetch --no-tags https://git.openjdk.java.net/jdk 06b33a0ad78d1577711af22020cf5fdf25112523
$ git cherry-pick --no-commit 06b33a0ad78d1577711af22020cf5fdf25112523
$ # Resolve conflicts
$ git add files/with/resolved/conflicts
$ git commit -m 'Backport 06b33a0ad78d1577711af22020cf5fdf25112523'

Once you have resolved the conflicts as explained above continue with creating a pull request towards the openjdk/jdk8u-dev with the title Backport 06b33a0ad78d1577711af22020cf5fdf25112523.

Please sign in to comment.