Commit c76f4a08263b0cea40d2967560ac7c21f6959079
2019-12-05T13:12:28
Huffman enc.: Fix very rare local buffer overrun ... detected by ASan. This is a similar issue to the issue that was fixed with 402a715f82313384ef4606660c32d8678c79f197. Apparently it is possible to create a malformed JPEG image that exceeds the Huffman encoder's 256-byte local buffer when attempting to losslessly tranform the image. That makes sense, given that it was necessary to extend the Huffman decoder's local buffer to 512 bytes in order to handle all pathological cases (refer to 0463f7c9aad060fcd56e98d025ce16185279e2bc.) Since this issue affected only lossless transformation, a workflow that isn't generally exposed to arbitrary data exploits, and since the overrun did not overflow the stack (i.e. it did not result in a segfault or other user-visible issue, and valgrind didn't even detect it), it did not likely pose a security risk. Fixes #392