From 2447cf107705193ba2018953a3b9388b50dc0db2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Qian=20Hu=20=28=E8=83=A1=E9=AA=9E=29?=
Date: Wed, 14 Aug 2024 19:44:40 +0800
Subject: [PATCH] jpegparse: fix incorrect reading of transform in app14 marker
"adobe" in app14 marker seem not a null-terminted string. so, when we use gst_byte_reader_get_string_utf8, more bytes will be read until null. and "gst_byte_reader_get_uint8 (&reader, &transform)" will almost fail to read transform
Part-of:
---
 .../gst-plugins-bad/gst/jpegformat/gstjpegparse.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/subprojects/gst-plugins-bad/gst/jpegformat/gstjpegparse.c b/subprojects/gst-plugins-bad/gst/jpegformat/gstjpegparse.c
index 1dda8c5f1a..b69bda4ab8 100644
--- a/subprojects/gst-plugins-bad/gst/jpegformat/gstjpegparse.c
+++ b/subprojects/gst-plugins-bad/gst/jpegformat/gstjpegparse.c
@@ -625,8 +625,11 @@ static gboolean
 gst_jpeg_parse_app14 (GstJpegParse * parse, GstJpegSegment * seg)
 {
 GstByteReader reader;
- const gchar *id_str;
 guint8 transform;
+ const guint8 *id = NULL;
+ const guint8 adobe_tag[] = {
+ 'A', 'd', 'o', 'b', 'e'
+ };
 if (seg->size < 6) /* less than 6 means no id string */
 return FALSE;
@@ -634,11 +637,14 @@ gst_jpeg_parse_app14 (GstJpegParse * parse, GstJpegSegment * seg)
 gst_byte_reader_init (&reader, seg->data + seg->offset, seg->size);
 gst_byte_reader_skip_unchecked (&reader, 2);
- if (!gst_byte_reader_get_string_utf8 (&reader, &id_str))
+ if (!gst_byte_reader_peek_data (&reader, 5, &id))
 return FALSE;
- if (!g_str_has_prefix (id_str, "Adobe")) {
- GST_DEBUG_OBJECT (parse, "Unhandled app14: %s", id_str);
+ if (G_LIKELY (!memcmp (id, adobe_tag, 5))) {
+ if (!gst_byte_reader_skip (&reader, 5))
+ return FALSE;
+ } else {
+ GST_DEBUG_OBJECT (parse, "Unhandled app14");
 return TRUE;
 }
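Review bot: The `seg->size < 6` guard kept as context below the new declarations no longer matches what the parser needs. After the 2-byte skip the tag comparison requires 5 more bytes, so a 6-byte segment passes the guard and is then rejected by `gst_byte_reader_peek_data` with FALSE, whereas a longer non-Adobe segment returns TRUE as unhandled. What FALSE means to the caller is outside this hunk, so this is a consistency concern rather than a confirmed fault. Making the guard explicit with `if (seg->size < 2 + sizeof (adobe_tag))` and updating the `/* less than 6 means no id string */` comment would keep the length contract in one place.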
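Review bot: The tag length is a literal `5` in three calls (`gst_byte_reader_peek_data`, `memcmp`, `gst_byte_reader_skip`) and nothing ties it to `adobe_tag`. If the array or one of the literals is edited later, `memcmp` can compare more bytes than the peek bounds-checked. Using `sizeof (adobe_tag)` everywhere keeps the check and the comparison in step, e.g. `if (!gst_byte_reader_peek_data (&reader, sizeof (adobe_tag), &id))` and `memcmp (id, adobe_tag, sizeof (adobe_tag))`. The `return FALSE` under `gst_byte_reader_skip` cannot be reached once a peek of the same length has succeeded, so a single `gst_byte_reader_get_data` call that reads and advances would remove the dead branch. The rest of the function, including the read of `transform`, lies outside the hunk.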