[SCM] Multi-format 1D/2D barcode image processing library branch, upstream, updated. 24d4480bc48cf9eabf7b2bd2f528248b0e458809
srowen
srowen at 59b500cc-1b3d-0410-9834-0bbf25fbcc57
Wed Aug 4 01:31:25 UTC 2010
The following commit has been merged in the upstream branch:
commit d582cb1745e3ac3c07305da6c34b6272cf5354e0
Author: srowen <srowen at 59b500cc-1b3d-0410-9834-0bbf25fbcc57>
Date: Sat May 8 20:56:31 2010 +0000
Tighten up some stuff I saw from the logs
git-svn-id: http://zxing.googlecode.com/svn/trunk@1344 59b500cc-1b3d-0410-9834-0bbf25fbcc57
diff --git a/androidtest/src/com/google/zxing/client/androidtest/BenchmarkActivity.java b/androidtest/src/com/google/zxing/client/androidtest/BenchmarkActivity.java
index 6b30808..002fc85 100755
--- a/androidtest/src/com/google/zxing/client/androidtest/BenchmarkActivity.java
+++ b/androidtest/src/com/google/zxing/client/androidtest/BenchmarkActivity.java
@@ -79,8 +79,7 @@ public final class BenchmarkActivity extends Activity {
List<BenchmarkItem> items = (List<BenchmarkItem>) message.obj;
int count = 0;
int time = 0;
- for (int x = 0; x < items.size(); x++) {
- BenchmarkItem item = items.get(x);
+ for (BenchmarkItem item : items) {
if (item != null) {
Log.v(TAG, item.toString());
count++;
diff --git a/core/src/com/google/zxing/datamatrix/decoder/DecodedBitStreamParser.java b/core/src/com/google/zxing/datamatrix/decoder/DecodedBitStreamParser.java
index ccea54f..16ce63d 100644
--- a/core/src/com/google/zxing/datamatrix/decoder/DecodedBitStreamParser.java
+++ b/core/src/com/google/zxing/datamatrix/decoder/DecodedBitStreamParser.java
@@ -420,7 +420,8 @@ final class DecodedBitStreamParser {
/**
* See ISO 16022:2006, 5.2.9 and Annex B, B.2
*/
- private static void decodeBase256Segment(BitSource bits, StringBuffer result, Vector byteSegments) {
+ private static void decodeBase256Segment(BitSource bits, StringBuffer result, Vector byteSegments)
+ throws FormatException {
// Figure out how long the Base 256 Segment is.
int d1 = bits.readBits(8);
int count;
@@ -433,6 +434,11 @@ final class DecodedBitStreamParser {
}
byte[] bytes = new byte[count];
for (int i = 0; i < count; i++) {
+ // Have seen this particular error in the wild, such as at
+ // http://www.bcgen.com/demo/IDAutomationStreamingDataMatrix.aspx?MODE=3&D=Fred&PFMT=3&PT=F&X=0.3&O=0&LM=0.2
+ if (bits.available() < 8) {
+ throw FormatException.getFormatInstance();
+ }
bytes[i] = unrandomize255State(bits.readBits(8), i);
}
byteSegments.addElement(bytes);
diff --git a/zxingorg/src/com/google/zxing/web/DecodeServlet.java b/zxingorg/src/com/google/zxing/web/DecodeServlet.java
index e84c2cd..936155d 100644
--- a/zxingorg/src/com/google/zxing/web/DecodeServlet.java
+++ b/zxingorg/src/com/google/zxing/web/DecodeServlet.java
@@ -62,10 +62,8 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.io.Writer;
-import java.net.SocketException;
import java.net.URI;
import java.net.URISyntaxException;
-import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
@@ -90,7 +88,10 @@ import javax.servlet.http.HttpServletResponse;
*/
public final class DecodeServlet extends HttpServlet {
+ // No real reason to let people upload more than a 2MB image
private static final long MAX_IMAGE_SIZE = 2000000L;
+ // No real reason to deal with more than maybe 2.5 megapixels
+ private static final int MAX_PIXELS = 1 << 16;
private static final Logger log = Logger.getLogger(DecodeServlet.class.getName());
@@ -148,6 +149,8 @@ public final class DecodeServlet extends HttpServlet {
return;
}
+ imageURIString = imageURIString.trim();
+
if (!(imageURIString.startsWith("http://") || imageURIString.startsWith("https://"))) {
imageURIString = "http://" + imageURIString;
}
@@ -176,12 +179,12 @@ public final class DecodeServlet extends HttpServlet {
getRequest.abort();
response.sendRedirect("badurl.jspx");
return;
- } catch (SocketException se) {
- // Thrown if hostname is bad or null
- getRequest.abort();
- response.sendRedirect("badurl.jspx");
- return;
- } catch (UnknownHostException uhe) {
+ } catch (IOException ioe) {
+ // Encompasses lots of stuff, including
+ // java.net.SocketException, java.net.UnknownHostException,
+ // javax.net.ssl.SSLPeerUnverifiedException,
+ // org.apache.http.NoHttpResponseException,
+ // org.apache.http.client.ClientProtocolException,
getRequest.abort();
response.sendRedirect("badurl.jspx");
return;
@@ -255,14 +258,21 @@ public final class DecodeServlet extends HttpServlet {
try {
image = ImageIO.read(is);
} catch (IOException ioe) {
+ // Includes javax.imageio.IIOException
response.sendRedirect("badimage.jspx");
return;
} catch (CMMException cmme) {
// Have seen this in logs
response.sendRedirect("badimage.jspx");
return;
+ } catch (IllegalArgumentException iae) {
+ // Have seen this in logs for some JPEGs
+ response.sendRedirect("badimage.jspx");
+ return;
}
- if (image == null) {
+ if (image == null ||
+ image.getHeight() <= 1 || image.getWidth() >= 1 ||
+ image.getHeight() * image.getWidth() > MAX_PIXELS) {
response.sendRedirect("badimage.jspx");
return;
}
diff --git a/zxingorg/src/com/google/zxing/web/DoSFilter.java b/zxingorg/src/com/google/zxing/web/DoSFilter.java
index 177fc2b..7c9fa77 100755
--- a/zxingorg/src/com/google/zxing/web/DoSFilter.java
+++ b/zxingorg/src/com/google/zxing/web/DoSFilter.java
@@ -27,13 +27,11 @@ import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
-import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.Timer;
import java.util.TimerTask;
-import java.util.regex.Pattern;
/**
* A {@link Filter} that rejects requests from hosts that are sending too many
@@ -46,29 +44,20 @@ public final class DoSFilter implements Filter {
private static final int MAX_ACCESSES_PER_IP_PER_TIME = 10;
private static final long MAX_ACCESS_INTERVAL_MSEC = 10L * 1000L;
private static final long UNBAN_INTERVAL_MSEC = 60L * 60L * 1000L;
- private static final Pattern COMMA_PATTERN = Pattern.compile(",");
private final IPTrie numRecentAccesses;
private final Timer timer;
private final Set<String> bannedIPAddresses;
- private final Collection<String> manuallyBannedIPAddresses;
private ServletContext context;
public DoSFilter() {
numRecentAccesses = new IPTrie();
timer = new Timer("DosFilter reset timer");
bannedIPAddresses = Collections.synchronizedSet(new HashSet<String>());
- manuallyBannedIPAddresses = new HashSet<String>();
}
public void init(FilterConfig filterConfig) {
context = filterConfig.getServletContext();
- String bannedIPs = filterConfig.getInitParameter("bannedIPs");
- if (bannedIPs != null) {
- for (String ip : COMMA_PATTERN.split(bannedIPs)) {
- manuallyBannedIPAddresses.add(ip.trim());
- }
- }
timer.scheduleAtFixedRate(new ResetTask(), 0L, MAX_ACCESS_INTERVAL_MSEC);
timer.scheduleAtFixedRate(new UnbanTask(), 0L, UNBAN_INTERVAL_MSEC);
}
@@ -86,8 +75,7 @@ public final class DoSFilter implements Filter {
private boolean isBanned(ServletRequest request) {
String remoteIPAddressString = request.getRemoteAddr();
- if (bannedIPAddresses.contains(remoteIPAddressString) ||
- manuallyBannedIPAddresses.contains(remoteIPAddressString)) {
+ if (bannedIPAddresses.contains(remoteIPAddressString)) {
return true;
}
InetAddress remoteIPAddress;
--
Multi-format 1D/2D barcode image processing library
More information about the Pkg-google-commits
mailing list