From 8036516c7d2d6b0107c5b3ade3d326a6621d20df Mon Sep 17 00:00:00 2001 From: Ryan Oldenburg Date: Mon, 16 May 2022 18:36:56 -0500 Subject: [PATCH] validate --- src/pixie/fileformats/jpeg.nim | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/pixie/fileformats/jpeg.nim b/src/pixie/fileformats/jpeg.nim index 54abc49..ad1ec8d 100644 --- a/src/pixie/fileformats/jpeg.nim +++ b/src/pixie/fileformats/jpeg.nim @@ -212,7 +212,7 @@ proc decodeDHT(state: var DecoderState) = proc decodeSOF0(state: var DecoderState) = ## Decode start of Frame - var len = state.readUint16be() - 2 + var len = state.readUint16be().int - 2 let precision = state.readUint8() if precision != 8: @@ -230,6 +230,8 @@ proc decodeSOF0(state: var DecoderState) = if numComponents notin {1, 3}: failInvalid("unsupported component count, must be 1 or 3") + len -= 6 + for i in 0 ..< numComponents: var component = Component() component.id = state.readUint8() @@ -250,6 +252,8 @@ proc decodeSOF0(state: var DecoderState) = component.quantizationTableId = quantizationTableId state.components.add(component) + len -= 3 * numComponents + for component in state.components.mitems: state.maxXScale = max(state.maxXScale, component.xScale) state.maxYScale = max(state.maxYScale, component.yScale) @@ -292,6 +296,9 @@ proc decodeSOF0(state: var DecoderState) = component.widthStride * component.heightStride ) + if len != 0: + failInvalid() + proc decodeSOF1(state: var DecoderState) = failInvalid("unsupported extended sequential DCT format")