Skip to content

Bug trophy case

Jump to bottom
Rohan Padhye edited this page Jun 4, 2018 · 26 revisions

This is a list of new bugs found in open-source software using JQF. Feel free to add to this list if you find anything new using JQF.

OpenJDK

  • JDK-8190332: PngReader throws NegativeArraySizeException when width is too large
  • JDK-8190511: PngReader throws OutOfMemoryError for very small malformed PNGs
  • JDK-8190512: PngReader throws undocumented IllegalArgumentException: "Empty Region" instead of IOException for malformed images with negative dimensions
  • JDK-8190997: PngReader throws NullPointerException when PLTE section is missing
  • JDK-8191023: PngReader throws NegativeArraySizeException in parse_tEXt_chunk when keyword length exceeeds chunk size
  • JDK-8191076: PngReader throws NegativeArraySizeException in parse_zTXt_chunk when keyword length exceeds chunk size
  • JDK-8191109: PngReader throws NegativeArraySizeException in parse_iCCP_chunk when keyword length exceeds chunk size
  • JDK-8191174: PngReader throws undocumented llegalArgumentException with message "Pixel stride times width must be <= scanline stride"
  • JDK-8191073: JpegImageReader throws IndexOutOfBoundsException when reading malformed header
  • JDK-8193444: SimpleDateFormat throws ArrayIndexOutOfBoundsException when format contains long sequences of unicode characters
  • JDK-8193877: DateTimeFormatterBuilder throws ClassCastException when using padding

Google Closure Compiler

Mozilla Rhino

Apache Commons

  • COMPRESS-424: BZip2CompressorInputStream throws ArrayIndexOutOfBoundsException(s) when decompressing malformed input
  • LANG-1385: StringIndexOutOfBoundsException in NumberUtils.createNumber

Apache Maven

  • MNG-6375: NullPointerException when pom.xml has incomplete XML tag
  • MNG-6374: ModelBuilder hangs with malformed pom.xml

The source code examples in the wiki pages can be freely re-used under the same license as the rest of JQF.

Usage

Tutorials

Internals

Misc

Clone this wiki locally