Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fix NullPointerException issues in HeifReader and PngMetadataReader #708

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Fix NullPointerException issues in HeifReader and PngMetadataReader #708

wants to merge 1 commit into from

Conversation

@AndreCatarino
Copy link

@AndreCatarino AndreCatarino commented Oct 2, 2025

Problem

Fixes java.lang.NullPointerException in stream reader initialization chain, particularly affecting HEIF and PNG metadata reading workflows.

Root Cause: Missing null parameter validation in key entry points allows null InputStreams to propagate through the system, causing NPEs during StreamReader construction or method chaining.

Solution

  • HeifReader: Added comprehensive null validation for both inputStream and handler parameters
  • PngMetadataReader: Added null check before StreamReader instantiation
  • Stream handling: Improved robustness of InputStream.available() edge case handling
  • API documentation: Added @NotNull annotations for better IDE support

Changes Made

HeifReader.extract()

  • Validates inputStream != null and handler != null
  • Throws IllegalArgumentException with descriptive messages
  • Fixed InputStream.available() handling when it returns -1
  • Uses reasonable default (8192 bytes) for mark limit when available() fails

PngMetadataReader.readMetadata()

  • Added null validation before creating StreamReader
  • Prevents NPE in common PNG processing workflow

Testing

  • Created HeifReaderTest with 3 comprehensive test scenarios:
    • Null InputStream parameter validation
    • Null Handler parameter validation
    • Valid parameters (regression test)

Impact

  • Prevents NPE-based crashes that could be exploited
  • @NotNull annotations help developers use the API correctly
  • Handles edge cases in InputStream implementations gracefully

@AndreCatarino
NullPointerException issues in HeifReader and PngMetadataReader
252783c 
- Add null checks in HeifReader.extract() and PngMetadataReader.readMetadata()
- Handle InputStream.available() edge case in HeifReader
- Add @NotNull annotations for API clarity
- Add unit tests for null parameter handling
drewnoakes
drewnoakes reviewed Oct 5, 2025
View reviewed changes
Source/com/drew/imaging/heif/HeifReader.java
Comment on lines +60 to +63
int available = inputStream.available();
// Some InputStreams return -1 for available(), so use a reasonable default
int markReadAheadLimit = (available > 0) ? available + 1 : 8192;
inputStream.mark(markReadAheadLimit);
Copy link
Owner

@drewnoakes drewnoakes Oct 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there some additional context on this change? In what case were you seeing this? I'd like to think through the consequences of this a bit more.

Source/com/drew/imaging/heif/HeifReader.java
Comment on lines +44 to +49
if (inputStream == null) {
throw new IllegalArgumentException("inputStream cannot be null");
}
if (handler == null) {
throw new IllegalArgumentException("handler cannot be null");
}
Copy link
Owner

@drewnoakes drewnoakes Oct 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are probably thousands of such places where we don't validate parameter values as non-null. I'm not sure what value this adds in practice.

Source/com/drew/imaging/heif/HeifReader.java
Comment on lines -41 to +42
public void extract(InputStream inputStream, HeifHandler<?> handler)
public void extract(@NotNull InputStream inputStream, @NotNull HeifHandler<?> handler)
Copy link
Owner

@drewnoakes drewnoakes Oct 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Annotations are good, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@drewnoakes drewnoakes drewnoakes left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AndreCatarino @drewnoakes