Backups/TwelveMonkeys
2
0
Fork 0
mirror of https://github.com/haraldk/TwelveMonkeys.git synced 2026-01-24 00:00:05 -05:00
Code Issues Projects Releases Wiki Activity

take code review into account

Browse Source
This commit is contained in:
Vincent Privat
2025-11-02 23:08:51 +01:00
committed by Harald Kuhr
parent 6c8b0cdc2f
commit 8da45b5f05
2 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
imageio/imageio-batik/src/main/java/com/twelvemonkeys/imageio/plugins/svg/SVGImageReaderSpi.java
View File

@@ -155,17 +155,19 @@ public final class SVGImageReaderSpi extends ImageReaderSpiBase {
// If tag name not terminated yet, keep reading bytes (within limit) // If tag name not terminated yet, keep reading bytes (within limit)
final int MAX_TAG_NAME = 256; final int MAX_TAG_NAME = 256;
final boolean incompleteTagName = consumedFromBuffer == buffer.length; final boolean incompleteTagName = consumedFromBuffer == buffer.length;
readBuffer(input, nameBuf, x -> incompleteTagName && x.size() < MAX_TAG_NAME, readBuffer(input, nameBuf, output -> incompleteTagName && output.size() < MAX_TAG_NAME,
bb -> bb == '>' || Character.isWhitespace(bb) || bb == '/'); bb -> bb == '>' || Character.isWhitespace(bb) || bb == '/');
if (nameBuf.toString("US-ASCII").toLowerCase(Locale.ENGLISH).endsWith(":svg")) { final String name = nameBuf.toString("US-ASCII");
if (name.toLowerCase(Locale.ENGLISH).endsWith(":svg")) {
// Scan the rest of the tag attributes until '>' to find the SVG namespace URI // Scan the rest of the tag attributes until '>' to find the SVG namespace URI
ByteArrayOutputStream attrBuf = new ByteArrayOutputStream(); ByteArrayOutputStream attrBuf = new ByteArrayOutputStream();
final int MAX_ATTR_SCAN = 1024; // safe upper bound to keep it fast final int MAX_ATTR_SCAN = 1024; // safe upper bound to keep it fast
readBuffer(input, attrBuf, x -> x.size() < MAX_ATTR_SCAN, bb -> bb == '>'); readBuffer(input, attrBuf, output -> output.size() < MAX_ATTR_SCAN, bb -> bb == '>');
// If the tag contains the SVG namespace, it's SVG. // If the tag contains the SVG namespace, it's SVG.
if (attrBuf.toString("US-ASCII").contains("http://www.w3.org/2000/svg")) { if (attrBuf.toString("US-ASCII").matches(
".*xmlns:" + name.split(":")[0] + "\\s*=\\s*\"http://www.w3.org/2000/svg\".*")) {
return true; return true;
} }
} }
@@ -192,11 +194,7 @@ public final class SVGImageReaderSpi extends ImageReaderSpiBase {
private static void readBuffer(final ImageInputStream input, final ByteArrayOutputStream buffer, private static void readBuffer(final ImageInputStream input, final ByteArrayOutputStream buffer,
final Predicate<ByteArrayOutputStream> loopCondition, Predicate<Byte> breakCondition) throws IOException { final Predicate<ByteArrayOutputStream> loopCondition, Predicate<Byte> breakCondition) throws IOException {
while (loopCondition.test(buffer)) { while (loopCondition.test(buffer)) {
int r = input.read(); byte bb = input.readByte();
if (r == -1) {
throw new EOFException();
}
byte bb = (byte) r;
if (breakCondition.test(bb)) { if (breakCondition.test(bb)) {
break; break;
} }

3
imageio/imageio-batik/src/test/java/com/twelvemonkeys/imageio/plugins/svg/SVGImageReaderSpiTest.java
View File

@@ -70,6 +70,9 @@ public class SVGImageReaderSpiTest {
"<!-- ", // #275 Infinite loop issue "<!-- ", // #275 Infinite loop issue
"<?123?>", // #275 Infinite loop issue "<?123?>", // #275 Infinite loop issue
"<svg", "<svg",
"<ns0:svg>", // namespace prefix undefined
"<ns0:svg xmlns:ns0=\"foo\">", // not the official svg namespace
"<ns0:svg xmlns:ns1=\"http://www.w3.org/2000/svg\">", // mismatching prefix
}; };
static { static {