From dc9e7836088adc7a5883544baa9010a997141e3d Mon Sep 17 00:00:00 2001 From: Lucas CHOLLET Date: Wed, 29 Mar 2023 21:50:22 -0400 Subject: [PATCH] LibGfx/JPEG: Remove the `ensure_bounds_okay` function This function has probably been added when we weren't as good with error propagations as we are now. We can safely remove it and let future calls to `read` fail if the file is corrupted. This can be tested with the following bytes (already used in 9191829a): ffd8ffc000000800080ef701101200ffda00030100 --- .../LibGfx/ImageFormats/JPEGLoader.cpp | 20 ++----------------- 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/Userland/Libraries/LibGfx/ImageFormats/JPEGLoader.cpp b/Userland/Libraries/LibGfx/ImageFormats/JPEGLoader.cpp index c6f6a628e2..37a21e5870 100644 --- a/Userland/Libraries/LibGfx/ImageFormats/JPEGLoader.cpp +++ b/Userland/Libraries/LibGfx/ImageFormats/JPEGLoader.cpp @@ -554,15 +554,6 @@ static ErrorOr decode_huffman_stream(JPEGLoadingContext& context, Vector ensure_bounds_okay(const size_t cursor, const size_t delta, const size_t bound) -{ - if (Checked::addition_would_overflow(delta, cursor)) - return Error::from_string_literal("Bounds are not ok: addition would overflow"); - if (delta + cursor >= bound) - return Error::from_string_literal("Bounds are not ok"); - return {}; -} - static bool is_frame_marker(Marker const marker) { // B.1.1.3 - Marker assignments @@ -633,8 +624,7 @@ static ErrorOr read_start_of_scan(AK::SeekableStream& stream, JPEGLoadingC return Error::from_string_literal("SOS found before reading a SOF"); } - u16 bytes_to_read = TRY(stream.read_value>()) - 2; - TRY(ensure_bounds_okay(TRY(stream.tell()), bytes_to_read, TRY(stream.size()))); + [[maybe_unused]] u16 const bytes_to_read = TRY(stream.read_value>()) - 2; u8 const component_count = TRY(stream.read_value()); Scan current_scan; @@ -711,7 +701,6 @@ static ErrorOr read_restart_interval(AK::SeekableStream& stream, JPEGLoadi static ErrorOr read_huffman_table(AK::SeekableStream& stream, JPEGLoadingContext& context) { i32 bytes_to_read = TRY(stream.read_value>()); - TRY(ensure_bounds_okay(TRY(stream.tell()), bytes_to_read, TRY(stream.size()))); bytes_to_read -= 2; while (bytes_to_read > 0) { HuffmanTableSpec table; @@ -865,7 +854,6 @@ static ErrorOr read_colour_encoding(SeekableStream& stream, [[maybe_unused static ErrorOr read_app_marker(SeekableStream& stream, JPEGLoadingContext& context, int app_marker_number) { i32 bytes_to_read = TRY(stream.read_value>()); - TRY(ensure_bounds_okay(TRY(stream.tell()), bytes_to_read, TRY(stream.size()))); if (bytes_to_read <= 2) return Error::from_string_literal("app marker size too small"); @@ -931,10 +919,7 @@ static ErrorOr read_start_of_frame(AK::SeekableStream& stream, JPEGLoading return Error::from_string_literal("SOF repeated"); } - i32 bytes_to_read = TRY(stream.read_value>()); - - bytes_to_read -= 2; - TRY(ensure_bounds_okay(TRY(stream.tell()), bytes_to_read, TRY(stream.size()))); + [[maybe_unused]] u16 const bytes_to_read = TRY(stream.read_value>()); context.frame.precision = TRY(stream.read_value()); if (context.frame.precision != 8) { @@ -1006,7 +991,6 @@ static ErrorOr read_start_of_frame(AK::SeekableStream& stream, JPEGLoading static ErrorOr read_quantization_table(AK::SeekableStream& stream, JPEGLoadingContext& context) { i32 bytes_to_read = TRY(stream.read_value>()) - 2; - TRY(ensure_bounds_okay(TRY(stream.tell()), bytes_to_read, TRY(stream.size()))); while (bytes_to_read > 0) { u8 info_byte = TRY(stream.read_value()); u8 element_unit_hint = info_byte >> 4;