[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openjdk-openjfx-dev
Subject:    RFR: 8241370: Crash in JPEGImageLoader after fix for JDK-8212034
From:       Ambarish Rapte <arapte () openjdk ! java ! net>
Date:       2020-03-31 5:38:58
Message-ID: LkEbfehVkMyy7bxyIWmChSNm-CuhsQTHTgoLhJ7Zyj4=.3439e18d-7fc9-498b-96d4-c1c44e671d2d () github ! com
[Download RAW message or body]

This is a regression of \
[JDK-8212034](https://bugs.openjdk.java.net/browse/JDK-8212034). When image is loaded \
in WebView usinga url, WebView attempts to load a image frames with partial image \
data. This was implemented under, JDK-8153148 -> WCImageDecoderImpl.addImageData() -> \
calls loadFrames() with partial image data.

Call to jpeg_read_header() may fail when the partial image data has incomplete header \
information.

In the given case the jpeg_read_header() call fails and code execution flow enters \
the 'if (setjmp(jerr->setjmp_buffer)) {}' block and results in call to \
disposeIIO(env, data);, which in turn calls imageio_dispose. This will free \
cinfo->err and set it to NULL, and the subsequent call to \
(*cinfo->err->format_message) crashes.

Verified All test run, Sanity tests with Ensemble app and Tested different web pages.
Added a test, The test passes with fix and causes a native crash without the fix.

-------------

Commit messages:
 - 8241370: Crash in JPEGImageLoader after fix for JDK-8212034

Changes: https://git.openjdk.java.net/jfx/pull/154/files
 Webrev: https://webrevs.openjdk.java.net/jfx/154/webrev.00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8241370
  Stats: 127 lines in 3 files changed: 125 ins; 1 del; 1 mod
  Patch: https://git.openjdk.java.net/jfx/pull/154.diff
  Fetch: git fetch https://git.openjdk.java.net/jfx pull/154/head:pull/154

PR: https://git.openjdk.java.net/jfx/pull/154


[prev in list] [next in list] [prev in thread] [next in thread]