summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBoris Gjenero <boris.gjenero@gmail.com>2016-01-06 00:46:42 -0500
committerGerrit Rockbox <gerrit@rockbox.org>2016-04-01 19:29:41 +0200
commit26697d08912feecd3c0c924773d518d1720f0640 (patch)
treef68906327c04fad29344f1ae30ec2c622b32c970
parent25fc7f1860f31ae31f14f17449fae8105d21f628 (diff)
downloadrockbox-26697d08912feecd3c0c924773d518d1720f0640.tar.gz
rockbox-26697d08912feecd3c0c924773d518d1720f0640.zip
Fix FS#12981 JPEG decoding problem when entropy data starts with FF
This changes JPEG fill and invalid byte handling to be like mozjpeg, and bases entropy data start on SOS marker location. Thanks to Stefan Waldmann and Dean Tersigni for reporting. Change-Id: I3c79cc6ac8d714fdc75c12b57ba427d611c99519 Chaange-Id: Ibc7c17d38d5be63642bdaf6adfd6acc2a6cf4450
Diffstat
-rw-r--r--apps/plugins/imageviewer/jpeg/jpeg_decoder.c20
-rw-r--r--apps/recorder/jpeg_common.h1
-rw-r--r--apps/recorder/jpeg_load.c15
3 files changed, 18 insertions, 18 deletions
diff --git a/apps/plugins/imageviewer/jpeg/jpeg_decoder.c b/apps/plugins/imageviewer/jpeg/jpeg_decoder.c
index 0adff53788..342b59c6a4 100644
--- a/apps/plugins/imageviewer/jpeg/jpeg_decoder.c
+++ b/apps/plugins/imageviewer/jpeg/jpeg_decoder.c
@@ -507,29 +507,27 @@ static void idct8x8(unsigned char* p_byte, int* inptr, int* quantptr, int skip_l
507/* Preprocess the JPEG JFIF file */ 507/* Preprocess the JPEG JFIF file */
508int process_markers(unsigned char* p_src, long size, struct jpeg* p_jpeg) 508int process_markers(unsigned char* p_src, long size, struct jpeg* p_jpeg)
509{ 509{
510 unsigned char* p_bytes = p_src; 510 unsigned char* p_end = p_src + size;
511 int marker_size; /* variable length of marker segment */ 511 int marker_size; /* variable length of marker segment */
512 int i, j, n; 512 int i, j, n;
513 int ret = 0; /* returned flags */ 513 int ret = 0; /* returned flags */
514 514
515 p_jpeg->p_entropy_end = p_src + size; 515 p_jpeg->p_entropy_end = p_end;
516 516
517 while (p_src < p_bytes + size) 517 while (p_src < p_end)
518 { 518 {
519 if (*p_src++ != 0xFF) /* no marker? */ 519 if (*p_src++ != 0xFF) /* no marker? */
520 { 520 {
521 p_src--; /* it's image data, put it back */ 521 continue; /* discard */
522 p_jpeg->p_entropy_data = p_src;
523 break; /* exit marker processing */
524 } 522 }
525 523
526 switch (*p_src++) 524 switch (*p_src++)
527 { 525 {
528 case 0xFF: /* Fill byte */ 526 case 0xFF: /* Previous FF was fill byte */
529 ret |= FILL_FF; 527 p_src--; /* This FF could be start of a marker */
530 case 0x00: /* Zero stuffed byte - entropy data */
531 p_src--; /* put it back */
532 continue; 528 continue;
529 case 0x00: /* Zero stuffed byte - discard */
530 break;
533 531
534 case 0xC0: /* SOF Huff - Baseline DCT */ 532 case 0xC0: /* SOF Huff - Baseline DCT */
535 { 533 {
@@ -657,6 +655,8 @@ int process_markers(unsigned char* p_src, long size, struct jpeg* p_jpeg)
657 p_jpeg->scanheader[i].AC_select = *p_src++ & 0x0F; 655 p_jpeg->scanheader[i].AC_select = *p_src++ & 0x0F;
658 } 656 }
659 p_src += 3; /* skip spectral information */ 657 p_src += 3; /* skip spectral information */
658 p_jpeg->p_entropy_data = p_src;
659 p_end = p_src; /* exit while loop */
660 } 660 }
661 break; 661 break;
662 662
diff --git a/apps/recorder/jpeg_common.h b/apps/recorder/jpeg_common.h
index 061cfc8e64..c2abce8f49 100644
--- a/apps/recorder/jpeg_common.h
+++ b/apps/recorder/jpeg_common.h
@@ -139,7 +139,6 @@ struct bitstream
139#define HUFFTAB 0x0001 /* with huffman table */ 139#define HUFFTAB 0x0001 /* with huffman table */
140#define QUANTTAB 0x0002 /* with quantization table */ 140#define QUANTTAB 0x0002 /* with quantization table */
141#define APP0_JFIF 0x0004 /* with APP0 segment following JFIF standard */ 141#define APP0_JFIF 0x0004 /* with APP0 segment following JFIF standard */
142#define FILL_FF 0x0008 /* with 0xFF padding bytes at begin/end */
143#define SOF0 0x0010 /* with SOF0-Segment */ 142#define SOF0 0x0010 /* with SOF0-Segment */
144#define DHT 0x0020 /* with Definition of huffman tables */ 143#define DHT 0x0020 /* with Definition of huffman tables */
145#define SOS 0x0040 /* with Start-of-Scan segment */ 144#define SOS 0x0040 /* with Start-of-Scan segment */
diff --git a/apps/recorder/jpeg_load.c b/apps/recorder/jpeg_load.c
index 46b7cc9bc5..e326d1c18a 100644
--- a/apps/recorder/jpeg_load.c
+++ b/apps/recorder/jpeg_load.c
@@ -956,25 +956,25 @@ static int process_markers(struct jpeg* p_jpeg)
956 int marker_size; /* variable length of marker segment */ 956 int marker_size; /* variable length of marker segment */
957 int i, j, n; 957 int i, j, n;
958 int ret = 0; /* returned flags */ 958 int ret = 0; /* returned flags */
959 bool done = false;
959 960
960 while ((c = e_getc(p_jpeg, -1))) 961 while (!done && (c = e_getc(p_jpeg, -1)))
961 { 962 {
962 if (c != 0xFF) /* no marker? */ 963 if (c != 0xFF) /* no marker? */
963 { 964 {
964 JDEBUGF("Non-marker data\n"); 965 JDEBUGF("Non-marker data\n");
965 jpeg_putc(p_jpeg); 966 continue; /* discard */
966 break; /* exit marker processing */
967 } 967 }
968 968
969 c = e_getc(p_jpeg, -1); 969 c = e_getc(p_jpeg, -1);
970 JDEBUGF("marker value %X\n",c); 970 JDEBUGF("marker value %X\n",c);
971 switch (c) 971 switch (c)
972 { 972 {
973 case 0xFF: /* Fill byte */ 973 case 0xFF: /* Previous FF was fill byte */
974 ret |= FILL_FF; 974 jpeg_putc(p_jpeg); /* This FF could be start of a marker */
975 case 0x00: /* Zero stuffed byte - entropy data */
976 jpeg_putc(p_jpeg);
977 continue; 975 continue;
976 case 0x00: /* Zero stuffed byte */
977 break; /* discard */
978 978
979 case 0xC0: /* SOF Huff - Baseline DCT */ 979 case 0xC0: /* SOF Huff - Baseline DCT */
980 { 980 {
@@ -1132,6 +1132,7 @@ static int process_markers(struct jpeg* p_jpeg)
1132 } 1132 }
1133 /* skip spectral information */ 1133 /* skip spectral information */
1134 e_skip_bytes(p_jpeg, marker_size); 1134 e_skip_bytes(p_jpeg, marker_size);
1135 done = true;
1135 } 1136 }
1136 break; 1137 break;
1137 1138
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-22 15:45:46 +0000