Nomalize jpeg exceptions. Fix #821

SixLabors · JimBobSquarePants · Feb 17, 2019 · Feb 15, 2019 · Feb 15, 2019 · Feb 15, 2019
commit 903e4cd63755975dd2f9bb478f5fbadf477e4df3
diff --git a/src/ImageSharp/Formats/Jpeg/Components/Decoder/JpegComponent.cs b/src/ImageSharp/Formats/Jpeg/Components/Decoder/JpegComponent.cs
@@ -2,8 +2,6 @@
 // Licensed under the Apache License, Version 2.0.
 
 using System;
-using System.Runtime.CompilerServices;
-using System.Runtime.InteropServices;
 
 using SixLabors.ImageSharp.Memory;
 using SixLabors.Memory;
@@ -23,6 +21,12 @@ public JpegComponent(MemoryAllocator memoryAllocator, JpegFrame frame, byte id,
             this.memoryAllocator = memoryAllocator;
             this.Frame = frame;
             this.Id = id;
+
+            if (horizontalFactor == 0 || verticalFactor == 0)
+            {
+                JpegThrowHelper.ThrowImageFormatException("Bad Sampling factor.");
+            }
+
             this.HorizontalSamplingFactor = horizontalFactor;
             this.VerticalSamplingFactor = verticalFactor;
             this.SamplingFactors = new Size(this.HorizontalSamplingFactor, this.VerticalSamplingFactor);

diff --git a/src/ImageSharp/Formats/Jpeg/Components/Decoder/JpegFrame.cs b/src/ImageSharp/Formats/Jpeg/Components/Decoder/JpegFrame.cs
@@ -83,7 +83,7 @@ public void Dispose()
             {
                 for (int i = 0; i < this.Components.Length; i++)
                 {
-                    this.Components[i].Dispose();
+                    this.Components[i]?.Dispose();
                 }
 
                 this.Components = null;

diff --git a/src/ImageSharp/Formats/Jpeg/Components/Decoder/ScanDecoder.cs b/src/ImageSharp/Formats/Jpeg/Components/Decoder/ScanDecoder.cs
@@ -485,7 +485,7 @@ private void DecodeBlockProgressiveDC(
         {
             if (this.spectralEnd != 0)
             {
-                JpegThrowHelper.ThrowImageFormatException("Can't merge DC and AC.");
+                JpegThrowHelper.ThrowNoMergeDcAc();
             }
 
             this.CheckBits();
@@ -520,7 +520,7 @@ private void DecodeBlockProgressiveAC(
         {
             if (this.spectralStart == 0)
             {
-                JpegThrowHelper.ThrowImageFormatException("Can't merge DC and AC.");
+                JpegThrowHelper.ThrowNoMergeDcAc();
             }
 
             ref short blockDataRef = ref Unsafe.As<Block8x8, short>(ref block);

diff --git a/src/ImageSharp/Formats/Jpeg/JpegDecoderCore.cs b/src/ImageSharp/Formats/Jpeg/JpegDecoderCore.cs
@@ -255,7 +255,7 @@ public void ParseStream(Stream stream, bool metadataOnly = false)
             var fileMarker = new JpegFileMarker(this.markerBuffer[1], 0);
             if (fileMarker.Marker != JpegConstants.Markers.SOI)
             {
-                throw new ImageFormatException("Missing SOI marker.");
+                JpegThrowHelper.ThrowImageFormatException("Missing SOI marker.");
             }
 
             this.InputStream.Read(this.markerBuffer, 0, 2);
@@ -419,7 +419,8 @@ private JpegColorSpace DeduceJpegColorSpace()
                     : JpegColorSpace.Cmyk;
             }
 
-            throw new ImageFormatException($"Unsupported color mode. Max components 4; found {this.ComponentCount}");
+            JpegThrowHelper.ThrowImageFormatException($"Unsupported color mode. Max components 4; found {this.ComponentCount}");
+            return default;
         }
 
         /// <summary>
@@ -690,7 +691,8 @@ private void ProcessDefineQuantizationTablesMarker(int remaining)
 
                         break;
                     default:
-                        throw new ImageFormatException("Bad Tq index value");
+                        JpegThrowHelper.ThrowImageFormatException("Bad Tq index value");
+                        break;
                 }
 
                 if (done)
@@ -701,7 +703,7 @@ private void ProcessDefineQuantizationTablesMarker(int remaining)
 
             if (remaining != 0)
             {
-                throw new ImageFormatException("DQT has wrong length");
+                JpegThrowHelper.ThrowImageFormatException("DQT has wrong length");
             }
 
             this.MetaData.GetFormatMetaData(JpegFormat.Instance).Quality = QualityEvaluator.EstimateQuality(this.QuantizationTables);
@@ -717,15 +719,15 @@ private void ProcessStartOfFrameMarker(int remaining, in JpegFileMarker frameMar
         {
             if (this.Frame != null)
             {
-                throw new ImageFormatException("Multiple SOF markers. Only single frame jpegs supported.");
+                JpegThrowHelper.ThrowImageFormatException("Multiple SOF markers. Only single frame jpegs supported.");
             }
 
             this.InputStream.Read(this.temp, 0, remaining);
 
             // We only support 8-bit and 12-bit precision.
             if (!this.supportedPrecisions.Contains(this.temp[0]))
             {
-                throw new ImageFormatException("Only 8-Bit and 12-Bit precision supported.");
+                JpegThrowHelper.ThrowImageFormatException("Only 8-Bit and 12-Bit precision supported.");
             }
 
             this.Precision = this.temp[0];
@@ -740,6 +742,11 @@ private void ProcessStartOfFrameMarker(int remaining, in JpegFileMarker frameMar
                 ComponentCount = this.temp[5]
             };
 
+            if (this.Frame.SamplesPerLine == 0 || this.Frame.Scanlines == 0)
+            {
+                JpegThrowHelper.ThrowInvalidImageDimensions(this.Frame.SamplesPerLine, this.Frame.Scanlines);
+            }
+
             this.ImageSizeInPixels = new Size(this.Frame.SamplesPerLine, this.Frame.Scanlines);
 
             int maxH = 0;
@@ -848,7 +855,7 @@ private void ProcessDefineRestartIntervalMarker(int remaining)
         {
             if (remaining != 2)
             {
-                throw new ImageFormatException($"DRI has wrong length: {remaining}");
+                JpegThrowHelper.ThrowImageFormatException($"DRI has wrong length: {remaining}");
             }
 
             this.resetInterval = this.ReadUint16();
@@ -861,7 +868,7 @@ private void ProcessStartOfScanMarker()
         {
             if (this.Frame is null)
             {
-                throw new ImageFormatException("No readable SOFn (Start Of Frame) marker found.");
+                JpegThrowHelper.ThrowImageFormatException("No readable SOFn (Start Of Frame) marker found.");
             }
 
             int selectorsCount = this.InputStream.ReadByte();
@@ -882,7 +889,7 @@ private void ProcessStartOfScanMarker()
 
                 if (componentIndex < 0)
                 {
-                    throw new ImageFormatException("Unknown component selector");
+                    JpegThrowHelper.ThrowImageFormatException($"Unknown component selector {componentIndex}.");
                 }
 
                 ref JpegComponent component = ref this.Frame.Components[componentIndex];
@@ -944,6 +951,11 @@ private ushort ReadUint16()
         private Image<TPixel> PostProcessIntoImage<TPixel>()
             where TPixel : struct, IPixel<TPixel>
         {
+            if (this.ImageWidth == 0 || this.ImageHeight == 0)
+            {
+                JpegThrowHelper.ThrowInvalidImageDimensions(this.ImageWidth, this.ImageHeight);
+            }
+
             var image = Image.CreateUninitialized<TPixel>(
                 this.configuration,
                 this.ImageWidth,

diff --git a/src/ImageSharp/Formats/Jpeg/JpegThrowHelper.cs b/src/ImageSharp/Formats/Jpeg/JpegThrowHelper.cs
@@ -8,19 +8,19 @@ namespace SixLabors.ImageSharp.Formats.Jpeg
     internal static class JpegThrowHelper
     {
         /// <summary>
-        /// Cold path optimization for throwing <see cref="ImageFormatException"/>-s
+        /// Cold path optimization for throwing <see cref="ImageFormatException"/>'s.
         /// </summary>
-        /// <param name="errorMessage">The error message for the exception</param>
-        [MethodImpl(MethodImplOptions.NoInlining)]
-        public static void ThrowImageFormatException(string errorMessage)
-        {
-            throw new ImageFormatException(errorMessage);
-        }
+        /// <param name="errorMessage">The error message for the exception.</param>
+        [MethodImpl(InliningOptions.ColdPath)]
+        public static void ThrowImageFormatException(string errorMessage) => throw new ImageFormatException(errorMessage);
 
-        [MethodImpl(MethodImplOptions.NoInlining)]
-        public static void ThrowBadHuffmanCode()
-        {
-            throw new ImageFormatException("Bad Huffman code.");
-        }
+        [MethodImpl(InliningOptions.ColdPath)]
+        public static void ThrowBadHuffmanCode() => throw new ImageFormatException("Bad Huffman code.");
+
+        [MethodImpl(InliningOptions.ColdPath)]
+        public static void ThrowNoMergeDcAc() => throw new ImageFormatException("Can't merge DC and AC.");
+
+        [MethodImpl(InliningOptions.ColdPath)]
+        public static void ThrowInvalidImageDimensions(int width, int height) => throw new ImageFormatException($"Invalid image dimensions: {width}x{height}.");
     }
 }
diff --git a/tests/ImageSharp.Tests/Formats/Jpg/JpegDecoderTests.Baseline.cs b/tests/ImageSharp.Tests/Formats/Jpg/JpegDecoderTests.Baseline.cs
@@ -35,22 +35,14 @@ public void DecodeBaselineJpeg<TPixel>(TestImageProvider<TPixel> provider)
         }
 
         [Theory]
-        [WithFile(TestImages.Jpeg.Issues.CriticalEOF214, PixelTypes.Rgba32)]
-        public void DecodeBaselineJpeg_CriticalEOF_ShouldThrow<TPixel>(TestImageProvider<TPixel> provider)
-            where TPixel : struct, IPixel<TPixel>
-        {
-            // TODO: We need a public ImageDecoderException class in ImageSharp!
-            Assert.ThrowsAny<Exception>(() => provider.GetImage(JpegDecoder));
-        }
-
-        [Theory]
-        [WithFile(TestImages.Jpeg.Issues.InvalidJpegThrowsWrongException797, PixelTypes.Rgba32)]
-        public void LoadingImage_InvalidTagLength_ShouldThrow<TPixel>(TestImageProvider<TPixel> provider)
+        [WithFileCollection(nameof(UnrecoverableTestJpegs), PixelTypes.Rgba32)]
+        public void UnrecoverableImagesShouldThrowCorrectError<TPixel>(TestImageProvider<TPixel> provider)
             where TPixel : struct, IPixel<TPixel> => Assert.Throws<ImageFormatException>(() => provider.GetImage());
 
+        // TODO: This should actually throw.
         [Theory]
-        [WithFile(TestImages.Jpeg.Issues.AccessViolationException798, PixelTypes.Rgba32)]
+        [WithFile(TestImages.Jpeg.Issues.Fuzz.AccessViolationException798, PixelTypes.Rgba32)]
         public void LoadingImage_BadHuffman_ShouldNotThrow<TPixel>(TestImageProvider<TPixel> provider)
-    where TPixel : struct, IPixel<TPixel> => Assert.NotNull(provider.GetImage());
+            where TPixel : struct, IPixel<TPixel> => Assert.NotNull(provider.GetImage());
     }
 }
diff --git a/tests/ImageSharp.Tests/Formats/Jpg/JpegDecoderTests.Images.cs b/tests/ImageSharp.Tests/Formats/Jpg/JpegDecoderTests.Images.cs
@@ -53,6 +53,14 @@ public partial class JpegDecoderTests
                 TestImages.Jpeg.Issues.OrderedInterleavedProgressive723C
             };
 
+        public static string[] UnrecoverableTestJpegs = {
+
+            TestImages.Jpeg.Issues.CriticalEOF214,
+            TestImages.Jpeg.Issues.Fuzz.NullReferenceException797,
+            // TestImages.Jpeg.Issues.Fuzz.AccessViolationException798,
+            TestImages.Jpeg.Issues.Fuzz.DivideByZeroException821
+        };
+
         private static readonly Dictionary<string, float> CustomToleranceValues =
             new Dictionary<string, float>
             {

diff --git a/tests/ImageSharp.Tests/TestImages.cs b/tests/ImageSharp.Tests/TestImages.cs
@@ -171,8 +171,13 @@ public static class Issues
                 public const string OrderedInterleavedProgressive723C = "Jpg/issues/Issue723-Ordered-Interleaved-Progressive-C.jpg";
                 public const string ExifGetString750Transform = "Jpg/issues/issue750-exif-tranform.jpg";
                 public const string ExifGetString750Load = "Jpg/issues/issue750-exif-load.jpg";
-                public const string InvalidJpegThrowsWrongException797 = "Jpg/issues/Issue797-InvalidImage.jpg";
-                public const string AccessViolationException798 = "Jpg/issues/Issue798-AccessViolationException.jpg";
+
+                public static class Fuzz
+                {
+                    public const string NullReferenceException797 = "Jpg/issues/fuzz/Issue797-NullReferenceException.jpg";
+                    public const string AccessViolationException798 = "Jpg/issues/fuzz/Issue798-AccessViolationException.jpg";
+                    public const string DivideByZeroException821 = "Jpg/issues/fuzz/Issue821-DivideByZeroException.jpg";
+                }
             }
 
             public static readonly string[] All = Baseline.All.Concat(Progressive.All).ToArray();
@@ -235,7 +240,7 @@ public static class Bmp
             public const string Rgba321010102 = "Bmp/rgba32-1010102.bmp";
             public const string RgbaAlphaBitfields = "Bmp/rgba32abf.bmp";
 
-            public static readonly string[] BitFields 
+            public static readonly string[] BitFields
             = {
                   Rgb32bfdef,
                   Rgb32bf,

diff --git a/...nput/Jpg/issues/Issue214-CriticalEOF .jpg → ...Input/Jpg/issues/Issue214-CriticalEOF.jpg b/...nput/Jpg/issues/Issue214-CriticalEOF .jpg → ...Input/Jpg/issues/Issue214-CriticalEOF.jpg
diff --git a/...nput/Jpg/issues/Issue797-InvalidImage.jpg → .../fuzz/Issue797-NullReferenceException.jpg b/...nput/Jpg/issues/Issue797-InvalidImage.jpg → .../fuzz/Issue797-NullReferenceException.jpg
diff --git a/...ues/Issue798-AccessViolationException.jpg → ...uzz/Issue798-AccessViolationException.jpg b/...ues/Issue798-AccessViolationException.jpg → ...uzz/Issue798-AccessViolationException.jpg
diff --git a/tests/Images/Input/Jpg/issues/fuzz/Issue821-DivideByZeroException.jpg b/tests/Images/Input/Jpg/issues/fuzz/Issue821-DivideByZeroException.jpg