[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openjdk-2d-dev
Subject:    Re: RFR: 8318951: Additional negative value check in JPEG decoding
From:       Phil Race <prr () openjdk ! org>
Date:       2023-10-30 20:41:31
Message-ID: m7p9c3txS0IA1-5UdDw4TF9J-G13R3LzK8yhKaVd4ZY=.8e5c6341-a8e2-4af9-8403-77ece9b216e3 () github ! com
[Download RAW message or body]

On Fri, 27 Oct 2023 05:54:04 GMT, Jayathirth D V <jdv@openjdk.org> wrote:

> We skip jpeg data during decoding using imageio_skip_input_data() in both \
> src/java.desktop/share/native/libjavajpeg/imageioJPEG.c and \
> src/java.desktop/share/native/libjavajpeg/jpegdecoder.c 
> We update num_bytes with sb->remaining_skip in these functions and it can overflow. \
> We need to add additional check for num_bytes here. 
> With updated code ran all awt and imageio tests in CI and it is green.

Marked as reviewed by prr (Reviewer).

-------------

PR Review: https://git.openjdk.org/jdk/pull/16390#pullrequestreview-1705024302


[prev in list] [next in list] [prev in thread] [next in thread]