Handle EOF in Jpeg bit reader when data is bad to prevent DOS attack. #2516

Merged: 9 commits, Aug 30, 2023
Update JpegBitReader.cs
JimBobSquarePants committed Aug 23, 2023
commit dc018fab5ca77874cacbeca19dab49208484c911
Expand Up @@ -212,7 +212,7 @@ public bool FindNextMarker()
private int ReadStream()
{
int value = this.badData ? 0 : this.stream.ReadByte();
if (value == -1 || this.stream.Position >= this.stream.Length)
if (value == -1 || (this.badData && this.data == 0 && this.stream.Position >= this.stream.Length))
Member

@antonfirsov antonfirsov Aug 25, 2023

Can you describe the stuff behind || in a comment? Maybe you have some good insights after resolving #2516 (comment).

Member Author

Done

{
// We've encountered the end of the file stream which means there's no EOI marker
// in the image or the SOS marker has the wrong dimensions set.
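
Review bot: In the rewritten condition in ReadStream, once this.badData is set the first line forces value to 0, so value == -1 can no longer be true and the only way into the end-of-stream block is the second clause, which additionally requires this.data == 0. If this.data can stay non-zero after the stream is exhausted, the method keeps producing 0 without ever entering that block, which is the unbounded-work case the PR title sets out to prevent. Please state in a comment why this.data == 0 is required and what guarantees it is reached, and back it with a regression test on a truncated file. The comment inside the block ("We've encountered the end of the file stream ...") describes only the value == -1 path and should be extended to cover the bad-data clause.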