drewnoakes / metadata-extractor

Extracts Exif, IPTC, XMP, ICC and other metadata from image, video and audio files
Apache License 2.0
2.57k stars · 481 forks

An OOM problem was found in metadata-extractor #640

Open Alex111998 opened 10 months ago

Alex111998 commented 10 months ago

When I tested the latest version (2.19.0) of metadata-extractor with CIFuzz, an OOM security issue was found. It is caused when formatting a big number in the method BmpHeaderDescriptor.formatHex(int, int), and may cause denial of service issues in applications via the following code:

pom

<dependency>
    <groupId>com.drewnoakes</groupId>
    <artifactId>metadata-extractor</artifactId>
    <version>2.19.0</version>
</dependency>

code

import com.drew.metadata.bmp.BmpHeaderDescriptor;

// Reproducer: asks formatHex to pad the value to Integer.MAX_VALUE digits.
public class MetadataExtractor_OOM {

    public static void main(String[] args) {
        try {
            BmpHeaderDescriptor.formatHex(Integer.MAX_VALUE, Integer.MAX_VALUE);
        } catch (Exception e) {
            // Note: OutOfMemoryError is an Error, not an Exception, so this
            // catch does not stop it; the JVM still dies with the OOM.
        }
    }
}

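The report above boils down to a caller-controlled padding width reaching a formatter. The following is an added example, not code from metadata-extractor or from the reporter: `formatHexUnbounded` reconstructs the pattern the report describes (the digit count flows straight into a `%0NX` format width, which is an assumption about the shape of the bug, not a quote of the library's source), and `formatHexBounded` is one way to harden it by clamping the width to the largest number of hex digits a 32-bit `int` can need. Class and method names here are hypothetical.

```java
import java.util.Arrays;

/**
 * Added example (not metadata-extractor's own code): a caller-controlled
 * zero-padding width is a denial-of-service sink, and a bounded variant.
 */
public class FormatHexExample {

    // Assumed shape of the unsafe pattern: "digits" becomes the format width,
    // so digits == Integer.MAX_VALUE asks java.util.Formatter to build a
    // ~2 GiB padded string, which ends in OutOfMemoryError.
    static String formatHexUnbounded(int value, int digits) {
        return String.format("0x%0" + digits + "X", value);
    }

    // A 32-bit int never needs more than 8 hex digits; anything beyond that
    // is pure padding, so clamping loses no information.
    static final int MAX_INT_HEX_DIGITS = Integer.SIZE / 4; // 8

    static String formatHexBounded(int value, int digits) {
        int width = Math.max(1, Math.min(digits, MAX_INT_HEX_DIGITS));
        String hex = Integer.toHexString(value).toUpperCase();
        if (hex.length() >= width) {
            return "0x" + hex; // never truncate: width is a minimum, not a maximum
        }
        char[] pad = new char[width - hex.length()];
        Arrays.fill(pad, '0');
        return "0x" + new String(pad) + hex;
    }

    private static void check(String actual, String expected) {
        if (!actual.equals(expected)) {
            throw new AssertionError("expected " + expected + " but got " + actual);
        }
    }

    public static void main(String[] args) {
        // Constructed inputs: a BMP "BM" signature value and a negative value.
        check(formatHexBounded(0x4D42, 4), "0x4D42");
        check(formatHexBounded(0x4D42, 8), "0x00004D42");
        check(formatHexBounded(-1, 2), "0xFFFFFFFF");

        // The reporter's input: width Integer.MAX_VALUE is clamped to 8 digits.
        check(formatHexBounded(Integer.MAX_VALUE, Integer.MAX_VALUE), "0x7FFFFFFF");

        // Uncomment to reproduce the OOM from the report with the unbounded variant:
        // formatHexUnbounded(Integer.MAX_VALUE, Integer.MAX_VALUE);

        System.out.println("bounded formatter handled all inputs");
    }
}
```

The design point is that the width parameter is untrusted whenever it can be derived from file contents or from a fuzzer-driven API call, so the fix belongs at the sink: bound the width by the type's own maximum digit count rather than trusting every caller to pass a sane value.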