JDK-6532025 : GIF reader throws misleading exception with truncated images
  • Type: Bug
  • Component: client-libs
  • Sub-Component: javax.imageio
  • Affected Version: 5.0,8,11,13,14,15
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2007-03-07
  • Updated: 2021-02-03
  • Resolved: 2020-03-10
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 13 JDK 15
11.0.11-oracleFixed 13.0.6Fixed 15 b16Fixed
Description
GIF image reader throws misleading exception if image in question is truncated:

java.lang.IndexOutOfBoundsException: off < 0 || len < 0 || off+len > b.length || off+len < 0!
        at javax.imageio.stream.FileCacheImageInputStream.read(FileCacheImageInputStream.java:151)
        at com.sun.imageio.plugins.gif.GIFImageReader.getCode(GIFImageReader.java:306)
        at com.sun.imageio.plugins.gif.GIFImageReader.read(GIFImageReader.java:881)
        at javax.imageio.ImageIO.read(ImageIO.java:1422)
        at javax.imageio.ImageIO.read(ImageIO.java:1326)
        at imagedemo.Main.main(Main.java:23)

Also the problem is the same in 1.5.0_07 and in 6.0u1-b03.

Examples to truncated images are attached.
Comments
Fix request (13u) Requesting backport to 13u for parity with 11u. The patch applies cleanly. Tested with tier1; new test fails without the patch, passes with it.
28-01-2021
Fix Request (11u) This resolves the GIF parser bug that is only accidentally caught by unrelated checking code. Patch applies cleanly to 11u, new test fails without the patch, passes with it. Additionally, tier1 tests pass.
12-08-2020
URL: https://hg.openjdk.java.net/jdk/jdk/rev/c4d580d1305a User: psadhukhan Date: 2020-03-22 11:49:29 +0000
22-03-2020
URL: https://hg.openjdk.java.net/jdk/client/rev/c4d580d1305a User: jdv Date: 2020-03-10 10:38:19 +0000
10-03-2020
1) drag_position.gif fails at GIFImageReader.read(int, ImageReadParam) 2) warn.gif fails in GIFImageReader.getCode() Both for same reason that we have truncated stream and blocklength mentions particular length. We should capture EOF and throw appropriate exception.
05-03-2020
Since these GIF images are truncated we need to add proper check when we reach EOF and try to read GIF data based on blocklength data. Instead of throwing IOOBE we should throw IIOException.
05-03-2020
Attached GIF's with which we see the problem.
05-03-2020
Please re-open if - if fix is in progress or on the plan to fix soon - if this is a P3 (file as P3, not P4)
18-03-2014
EVALUATION The getCode() method of GIF reader does not check the return value of read() method of ImageInputStream and uses it in offset calculation. However, method read can return -1 to indicate EOF. We shuld check this return value and throw IOException if end of file is reached.
07-03-2007