tsai
/
ImageSharp
mirror of https://github.com/SixLabors/ImageSharp
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Bounds check. Fix #849 (#851)

pull/853/head
James Jackson-South 7 years ago
committed by GitHub
parent
6c637af2cf
commit
76707283fc
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 11 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      src/ImageSharp/Formats/Png/Zlib/ZlibInflateStream.cs
  2. 3
      tests/ImageSharp.Tests/Formats/Png/PngDecoderTests.cs
  3. 1
      tests/ImageSharp.Tests/TestImages.cs
  4. BIN
      tests/Images/Input/Png/zlib-overflow.png

9
src/ImageSharp/Formats/Png/Zlib/ZlibInflateStream.cs
View File

@ -126,8 +126,9 @@ namespace SixLabors.ImageSharp.Formats.Png.Zlib
int bytesToRead = Math.Min(count, this.currentDataRemaining);
this.currentDataRemaining -= bytesToRead;
int bytesRead = this.innerStream.Read(buffer, offset, bytesToRead);
long length = this.innerStream.Length;
// keep reading data until we've reached the end of the stream or filled the buffer
// Keep reading data until we've reached the end of the stream or filled the buffer
while (this.currentDataRemaining == 0 && bytesRead < count)
{
this.currentDataRemaining = this.getData();
@ -138,6 +139,12 @@ namespace SixLabors.ImageSharp.Formats.Png.Zlib
}
offset += bytesRead;
if (offset >= length)
{
return bytesRead;
}
bytesToRead = Math.Min(count - bytesRead, this.currentDataRemaining);
this.currentDataRemaining -= bytesToRead;
bytesRead += this.innerStream.Read(buffer, offset, bytesToRead);

3
tests/ImageSharp.Tests/Formats/Png/PngDecoderTests.cs
View File

@ -41,7 +41,8 @@ namespace SixLabors.ImageSharp.Tests.Formats.Png
TestImages.Png.Rgb24BppTrans,
TestImages.Png.GrayAlpha8Bit,
TestImages.Png.Gray1BitTrans
TestImages.Png.Gray1BitTrans,
TestImages.Png.Bad.ZlibOverflow
};
public static readonly string[] TestImages48Bpp =

1
tests/ImageSharp.Tests/TestImages.cs
View File

@ -85,6 +85,7 @@ namespace SixLabors.ImageSharp.Tests
public const string ChunkLength1 = "Png/chunklength1.png";
public const string ChunkLength2 = "Png/chunklength2.png";
public const string CorruptedChunk = "Png/big-corrupted-chunk.png";
public const string ZlibOverflow = "Png/zlib-overflow.png";
}
public static readonly string[] All =

BIN
tests/Images/Input/Png/zlib-overflow.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 10 KiB

Write Preview
Loading…
Cancel
Save