Commit dc4a93fab38b42d29b89a533409e012570180e28
2022-12-07T13:37:16
jpegtran: Fix FPE w/ -drop & -trim on corrupt JPEG requant_comp() in transupp.c, a function that supports the jpegtran -drop option, borrows code from the C quantization function in order to re-quantize the coefficients from the dropped image. However, the function does not guard against the possibility that a corrupt source image could inject quantization table values equal to 0, thus causing a divide-by-zero error. Since this error affected only jpegtran and not any of the libraries (the tjTransform() function in the TurboJPEG API does not expose the image drop feature), it did not represent a security risk. In fact, this commit does not change the output of jpegtran when attempting to transform the aforementioned corrupt source image. It merely eliminates the floating point exception. Like most issues of this type, however, eliminating the error prevents it from hiding legitimate security issues that may later be introduced. Fixes #635 Fixes #636