From 7a89fb046879bd76da73ef4da96ca1d692e6606a Mon Sep 17 00:00:00 2001 From: Mark Nauwelaerts Date: Tue, 28 Jul 2009 16:11:36 +0200 Subject: jpegdec: when scanning for 0xff marker ends, ensure desired result Otherwise, any non 0xff byte at end of data would be mistaken for a tag byte, and in case of a frame_len 0 tag subsequently lead to an infinite loop. --- ext/jpeg/gstjpegdec.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ext/jpeg/gstjpegdec.c') diff --git a/ext/jpeg/gstjpegdec.c b/ext/jpeg/gstjpegdec.c index ebc4cd20..136451e2 100644 --- a/ext/jpeg/gstjpegdec.c +++ b/ext/jpeg/gstjpegdec.c @@ -433,6 +433,10 @@ gst_jpeg_dec_parse_image_data (GstJpegDec * dec) /* at the very least we expect 0xff 0xNN, thus end-1 */ while (*data != 0xff && data < end - 1) ++data; + if (G_UNLIKELY (*data != 0xff)) { + GST_DEBUG ("at end of input and no next marker found, need more data"); + return 0; + } } /* Skip over extra 0xff */ while (*data == 0xff && data < end) -- cgit