Return-Path: X-Original-To: apmail-commons-issues-archive@minotaur.apache.org Delivered-To: apmail-commons-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 93F2C17DC4 for ; Sat, 7 Feb 2015 11:22:35 +0000 (UTC) Received: (qmail 90214 invoked by uid 500); 7 Feb 2015 11:22:35 -0000 Delivered-To: apmail-commons-issues-archive@commons.apache.org Received: (qmail 90113 invoked by uid 500); 7 Feb 2015 11:22:35 -0000 Mailing-List: contact issues-help@commons.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: issues@commons.apache.org Delivered-To: mailing list issues@commons.apache.org Received: (qmail 90097 invoked by uid 99); 7 Feb 2015 11:22:35 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 07 Feb 2015 11:22:35 +0000 Date: Sat, 7 Feb 2015 11:22:34 +0000 (UTC) From: =?utf-8?Q?Michael_Gro=C3=9F_=28JIRA=29?= To: issues@commons.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Created] (IMAGING-164) Possible dereferencing of possibel null pointer in IcoImageParser::writeImage MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 Michael Gro=C3=9F created IMAGING-164: ------------------------------------ Summary: Possible dereferencing of possibel null pointer in Ic= oImageParser::writeImage Key: IMAGING-164 URL: https://issues.apache.org/jira/browse/IMAGING-164 Project: Commons Imaging Issue Type: Bug Components: Format: ICO Reporter: Michael Gro=C3=9F Fix For: Patch Needed org.apache.commons.imaging.formats.ico.IcoImageParser::writeImage(final Buf= feredImage src, final OutputStream os, final ImagingParameters params) may throw na unexpected NullPointerException because it of the following co= de: {noformat} final SimplePalette palette =3D paletteFactory.makeExactRgbPaletteSimple(sr= c, 256); {noformat} Then asking if the created palette is null. I will discuss where it comes f= rom below. For now it is interesting that we set the variable bitCount desp= ite the SimplePalette is null. Currently this makes no sense because the co= de will throw a NullPointerException later if SimplePalette is null. {noformat} if (palette =3D=3D null) { if (hasTransparency) { bitCount =3D 32; } else { bitCount =3D 24; } {noformat} In the later for-loop we try to call *getPaletteIndex(rgb)* on the SimplePa= lette instance. If it contains null, we'll get a NullPointerException here. {noformat} for (int y =3D src.getHeight() - 1; y >=3D 0; y--) { for (int x =3D 0; x < src.getWidth(); x++) { final int argb =3D src.getRGB(x, y); if (bitCount < 8) { final int rgb =3D 0xffffff & argb; final int index =3D palette.getPaletteIndex(rgb); // po= ssible NullPointerException ... } else if (bitCount =3D=3D 8) { final int rgb =3D 0xffffff & argb; final int index =3D palette.getPaletteIndex(rgb); // p= ossible NullPointerException {noformat} Why can SimplePalette be null? It comes from PaletteFactory::makeExactRgbPa= letteSimple(final BufferedImage src, final int max). As it's javadoc says i= t will "fails by returning {@code null} if there are more than {@code max} = colors necessary": {noformat} if (rgbs.add(rgb) && rgbs.size() > max) { return null; } {noformat} My first idea goes to throw a RunTimeException rather than returning null. = But one has to check if there are cases where the return of null causes som= e error handlich i.e. increasing the number of colors or creating another o= bject. -- This message was sent by Atlassian JIRA (v6.3.4#6332)