Use of `InputStream.read(byte[] b)` is dangerous if the return value is not checked
thomasheritage opened this issue · 1 comments
This sort of construction is used in a few places in the code (in slightly different forms). For example, in `applyRule5_2(…, InputStream value, ...)`:
```java
byte[] val = new byte[len];
value.read(val);
BigInteger bi = idef.isSigned() ? new BigInteger(val) : new BigInteger(1, val);
```
The number of bytes read from `value` is not checked. It could be that, for example:
- No bytes were actually read
- The number of bytes read was less than `len`
- The number of bytes available was greater than `len` but only `len` bytes were read
This can lead to some misleading results… For example, if you're expecting an Element to be a UInt16 but it actually contains only a single byte (due to a fault with either the MXF file or with the MetaDefinition) with the value `1` then `val` will end up as `0x0100` and so the Element will have a value of 256 in the XML output and no Warning or Error will be reported.
This is in contrast to the use of `readInt()` etc elsewhere which is (probably) safer.
Fails when the number of bytes read equals 0, otherwise tolerates smaller, but not bigger fields.
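The UInt16 case from the issue above, as an added example that is not part of the issue or of the project's code: the unchecked pattern next to a variant that requires exactly `len` bytes. The class name, `readUnchecked` and `readExactly` are hypothetical, the byte arrays are constructed, and the example assumes the stream holds only the one value being decoded.

```java
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;

public class CheckedReadExample {

    // The pattern from the issue: the return value of read() is discarded.
    static BigInteger readUnchecked(InputStream value, int len, boolean signed) throws IOException {
        byte[] val = new byte[len];
        value.read(val); // may fill fewer than len bytes, or none at all
        return signed ? new BigInteger(val) : new BigInteger(1, val);
    }

    // Hypothetical checked variant: requires exactly len bytes and nothing after them.
    static BigInteger readExactly(InputStream value, int len, boolean signed) throws IOException {
        byte[] val = new byte[len];
        int off = 0;
        while (off < len) { // read() may return fewer bytes than requested, so loop
            int n = value.read(val, off, len - off);
            if (n < 0) {
                throw new EOFException("expected " + len + " bytes, got " + off);
            }
            off += n;
        }
        if (value.read() != -1) { // assumption: the stream carries this one value only
            throw new IOException("value is longer than " + len + " bytes");
        }
        return signed ? new BigInteger(val) : new BigInteger(1, val);
    }

    public static void main(String[] args) throws IOException {
        byte[] oneByte = {0x01}; // constructed input: a "UInt16" holding a single byte
        System.out.println("unchecked: " + readUnchecked(new ByteArrayInputStream(oneByte), 2, false));
        try {
            readExactly(new ByteArrayInputStream(oneByte), 2, false);
        } catch (EOFException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        byte[] threeBytes = {0x00, 0x01, 0x02}; // constructed input: one byte too many
        try {
            readExactly(new ByteArrayInputStream(threeBytes), 2, false);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```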