incubator-sanselan-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Greg Squires (JIRA)" <j...@apache.org>
Subject [jira] Created: (SANSELAN-17) integer overflow unhandled
Date Mon, 09 Feb 2009 18:46:59 GMT
integer overflow unhandled
--------------------------

                 Key: SANSELAN-17
                 URL: https://issues.apache.org/jira/browse/SANSELAN-17
             Project: Sanselan
          Issue Type: Bug
    Affects Versions: 0.94-incubator
         Environment: win32, 32 bit operating systems
            Reporter: Greg Squires


This function can throw an Exception in ByteSourceArray.java due to a negative byte[] allocation
size. The length argument has been found to wrap when called from IccProfileParser.java.

In 64bit machines, issues related to incorrect metadata, or ICC data can lead to incorrect
and excess memory allocations. These large numbers however cause 32bit negative signed values.


	public byte[] getBlock(int start, int length) throws IOException
	{
		if (start + length > bytes.length)
			throw new IOException("Could not read block (block start: " + start
					+ ", block length: " + length + ", data length: "
					+ bytes.length + ").");

		byte result[] = new byte[length];
		System.arraycopy(bytes, start, result, 0, length);
		return result;
	}



-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message