image/png: check zlib checksum during Decode

author Russ Cox <rsc@golang.org>

Wed, 7 Sep 2011 17:23:16 +0000 (13:23 -0400)

committer Russ Cox <rsc@golang.org>

Wed, 7 Sep 2011 17:23:16 +0000 (13:23 -0400)
author Russ Cox <rsc@golang.org>
Wed, 7 Sep 2011 17:23:16 +0000 (13:23 -0400)
committer Russ Cox <rsc@golang.org>
Wed, 7 Sep 2011 17:23:16 +0000 (13:23 -0400)
diff --git a/src/pkg/image/png/reader.go b/src/pkg/image/png/reader.go

index 8c76afa72c6a02e99b49fc45cc2d21cde4bccc20..aa023741d0716dd36f64137a3aeafba0d28f23d0 100644 (file)
--- a/src/pkg/image/png/reader.go
+++ b/src/pkg/image/png/reader.go
@@ -489,6 +489,16 @@ func (d *decoder) idatReader(idat io.Reader) (image.Image, os.Error) {
                 // The current row for y is the previous row for y+1.
                 pr, cr = cr, pr
         }
+
+       // Check for EOF, to verify the zlib checksum.
+       n, err := r.Read(pr[:1])
+       if err != os.EOF {
+               return nil, FormatError(err.String())
+       }
+       if n != 0 {
+               return nil, FormatError("too much pixel data")
+       }
+
         return img, nil
  }
  
diff --git a/src/pkg/image/png/reader_test.go b/src/pkg/image/png/reader_test.go

index bcc1a3db475609e79224372ce2596ab64e909f07..208843190583920b5d1a37bca6ab9d15b4f4e5f8 100644 (file)
--- a/src/pkg/image/png/reader_test.go
+++ b/src/pkg/image/png/reader_test.go
@@ -10,6 +10,7 @@ import (
         "image"
         "io"
         "os"
+       "strings"
         "testing"
  )
  
@@ -41,7 +42,7 @@ var filenamesShort = []string{
         "basn6a16",
  }
  
-func readPng(filename string) (image.Image, os.Error) {
+func readPNG(filename string) (image.Image, os.Error) {
         f, err := os.Open(filename)
         if err != nil {
                 return nil, err
@@ -183,7 +184,7 @@ func TestReader(t *testing.T) {
         }
         for _, fn := range names {
                 // Read the .png file.
-               img, err := readPng("testdata/pngsuite/" + fn + ".png")
+               img, err := readPNG("testdata/pngsuite/" + fn + ".png")
                 if err != nil {
                         t.Error(fn, err)
                         continue
@@ -239,3 +240,29 @@ func TestReader(t *testing.T) {
                 }
         }
  }
+
+var readerErrors = []struct {
+       file string
+       err  string
+}{
+       {"invalid-zlib.png", "zlib checksum error"},
+       {"invalid-crc32.png", "invalid checksum"},
+       {"invalid-noend.png", "unexpected EOF"},
+       {"invalid-trunc.png", "unexpected EOF"},
+}
+
+func TestReaderError(t *testing.T) {
+       for _, tt := range readerErrors {
+               img, err := readPNG("testdata/" + tt.file)
+               if err == nil {
+                       t.Errorf("decoding %s: missing error", tt.file)
+                       continue
+               }
+               if !strings.Contains(err.String(), tt.err) {
+                       t.Errorf("decoding %s: %s, want %s", tt.file, err, tt.err)
+               }
+               if img != nil {
+                       t.Errorf("decoding %s: have image + error")
+               }
+       }
+}
diff --git a/src/pkg/image/png/testdata/invalid-crc32.png b/src/pkg/image/png/testdata/invalid-crc32.png

new file mode 100644 (file)

index 0000000..e5be408

Binary files /dev/null and b/src/pkg/image/png/testdata/invalid-crc32.png differ
diff --git a/src/pkg/image/png/testdata/invalid-noend.png b/src/pkg/image/png/testdata/invalid-noend.png

new file mode 100644 (file)

index 0000000..9137270

Binary files /dev/null and b/src/pkg/image/png/testdata/invalid-noend.png differ
diff --git a/src/pkg/image/png/testdata/invalid-trunc.png b/src/pkg/image/png/testdata/invalid-trunc.png

new file mode 100644 (file)

index 0000000..d0748cf

Binary files /dev/null and b/src/pkg/image/png/testdata/invalid-trunc.png differ
diff --git a/src/pkg/image/png/testdata/invalid-zlib.png b/src/pkg/image/png/testdata/invalid-zlib.png

new file mode 100644 (file)

index 0000000..c6d051c

Binary files /dev/null and b/src/pkg/image/png/testdata/invalid-zlib.png differ
diff --git a/src/pkg/image/png/writer_test.go b/src/pkg/image/png/writer_test.go

index 1599791b3a39dfbcf13a8d6acf7d960f833ee59d..046aad9d27d9443e7060cf770e322e1ef2056198 100644 (file)
--- a/src/pkg/image/png/writer_test.go
+++ b/src/pkg/image/png/writer_test.go
@@ -56,13 +56,13 @@ func TestWriter(t *testing.T) {
         for _, fn := range names {
                 qfn := "testdata/pngsuite/" + fn + ".png"
                 // Read the image.
-               m0, err := readPng(qfn)
+               m0, err := readPNG(qfn)
                 if err != nil {
                         t.Error(fn, err)
                         continue
                 }
                 // Read the image again, encode it, and decode it.
-               m1, err := readPng(qfn)
+               m1, err := readPNG(qfn)
                 if err != nil {
                         t.Error(fn, err)
                         return
author	Russ Cox <rsc@golang.org>
	Wed, 7 Sep 2011 17:23:16 +0000 (13:23 -0400)
committer	Russ Cox <rsc@golang.org>
	Wed, 7 Sep 2011 17:23:16 +0000 (13:23 -0400)
src/pkg/image/png/reader.go		patch \| blob \| history
src/pkg/image/png/reader_test.go		patch \| blob \| history
src/pkg/image/png/testdata/invalid-crc32.png	[new file with mode: 0644]	patch \| blob
src/pkg/image/png/testdata/invalid-noend.png	[new file with mode: 0644]	patch \| blob
src/pkg/image/png/testdata/invalid-trunc.png	[new file with mode: 0644]	patch \| blob
src/pkg/image/png/testdata/invalid-zlib.png	[new file with mode: 0644]	patch \| blob
src/pkg/image/png/writer_test.go		patch \| blob \| history