diff mbox series

[v5,08/10] media: Quit parsing stream if doesn't start with SOI

Message ID 20201112030557.8540-9-mirela.rabulea@oss.nxp.com (mailing list archive)
State New, archived
Headers show
Series Add V4L2 driver for i.MX8 JPEG Encoder/Decoder | expand

Commit Message

Mirela Rabulea OSS Nov. 12, 2020, 3:05 a.m. UTC 
From: Mirela Rabulea <mirela.rabulea@nxp.com>

In the case we get an invalid stream, such as from v4l2-compliance
streaming test, jpeg_next_marker will end up parsing the entire
stream. The standard describes the high level syntax of a jpeg
as starting with SOI, ending with EOI, so return error if the very
first 2 bytes are not SOI.

Signed-off-by: Mirela Rabulea <mirela.rabulea@nxp.com>
---
 drivers/media/v4l2-core/v4l2-jpeg.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

Comments

Philipp Zabel Dec. 2, 2020, 3:18 p.m. UTC | #1 
On Thu, 2020-11-12 at 05:05 +0200, Mirela Rabulea (OSS) wrote:
> From: Mirela Rabulea <mirela.rabulea@nxp.com>
> 
> In the case we get an invalid stream, such as from v4l2-compliance
> streaming test, jpeg_next_marker will end up parsing the entire
> stream. The standard describes the high level syntax of a jpeg
> as starting with SOI, ending with EOI, so return error if the very
> first 2 bytes are not SOI.
> 
> Signed-off-by: Mirela Rabulea <mirela.rabulea@nxp.com>
> ---
>  drivers/media/v4l2-core/v4l2-jpeg.c | 7 ++-----
>  1 file changed, 2 insertions(+), 5 deletions(-)
> 
> diff --git a/drivers/media/v4l2-core/v4l2-jpeg.c b/drivers/media/v4l2-core/v4l2-jpeg.c
> index 3181ce544f79..d77e04083d57 100644
> --- a/drivers/media/v4l2-core/v4l2-jpeg.c
> +++ b/drivers/media/v4l2-core/v4l2-jpeg.c
> @@ -499,11 +499,8 @@ int v4l2_jpeg_parse_header(void *buf, size_t len, struct v4l2_jpeg_header *out)
>  	out->num_dht = 0;
>  	out->num_dqt = 0;
>  
> -	/* the first marker must be SOI */
> -	marker = jpeg_next_marker(&stream);
> -	if (marker < 0)
> -		return marker;
> -	if (marker != SOI)
> +	/* the first bytes must be SOI, B.2.1 High-level syntax */
> +	if (jpeg_get_word_be(&stream) != SOI)
>  		return -EINVAL;
>  
>  	/* init value to signal if this marker is not present */

Yes, shorter, potentially faster code, and it adheres to the
specification more strictly.

Reviewed-by: Philipp Zabel <p.zabel@pengutronix.de>

regards
Philipp
diff mbox series

Patch

diff --git a/drivers/media/v4l2-core/v4l2-jpeg.c b/drivers/media/v4l2-core/v4l2-jpeg.c
index 3181ce544f79..d77e04083d57 100644
--- a/drivers/media/v4l2-core/v4l2-jpeg.c
+++ b/drivers/media/v4l2-core/v4l2-jpeg.c
@@ -499,11 +499,8 @@  int v4l2_jpeg_parse_header(void *buf, size_t len, struct v4l2_jpeg_header *out)
 	out->num_dht = 0;
 	out->num_dqt = 0;
 
-	/* the first marker must be SOI */
-	marker = jpeg_next_marker(&stream);
-	if (marker < 0)
-		return marker;
-	if (marker != SOI)
+	/* the first bytes must be SOI, B.2.1 High-level syntax */
+	if (jpeg_get_word_be(&stream) != SOI)
 		return -EINVAL;
 
 	/* init value to signal if this marker is not present */