RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 02:17:35 +00:00
Code Issues Activity Actions

JPGLoader: Check existence of Huffman tables in scan header segment (#3442)

Browse source 
DC and AC table IDs read in the scan header segment weren't validated
against the IDs of Huffman tables read in the DHT segment. This caused
an OOB read when a Huffman table was accessed using the ID read in the
scan header segment. Furthermore, the decoder now replaces the old DC
or AC table if a redefinition has been found prior to the scan header.

Fixes #3439.
This commit is contained in:
Devashish Jaiswal 2020-09-10 14:50:04 +05:30 committed by GitHub
parent d830c107ce
commit 2a3166e523
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 57 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Base/res/html/misc/jpg.html
View file

@ -6,6 +6,8 @@
</head>
<body>
<div>
<h3>Issue-3439</h3>
<img alt="lena" src="jpgsuite_files/offending-3439.jpg"/><br>
<h3>Non-subsampled Lena</h3> <br>
<img alt="lena" src="jpgsuite_files/non-subsampled-lena.jpg"/> <br>
<h3>Chroma Horizontally Halved Lena</h3> <br>