LibGfx/JPEG: Allow random bytes between segments

LucasChollet · LucasChollet · commit 02c6486a8ce8 · 2025-02-15T18:24:09.000-05:00
diff --git a/Userland/Libraries/LibGfx/ImageFormats/JPEGLoader.cpp b/Userland/Libraries/LibGfx/ImageFormats/JPEGLoader.cpp
@@ -889,24 +889,14 @@ static inline bool is_supported_marker(Marker const marker)
     return false;
 }
 
-static inline ErrorOr<Marker> read_marker_at_cursor(JPEGStream& stream)
+static inline ErrorOr<Marker> read_until_marker(JPEGStream& stream)
 {
     u16 marker = TRY(stream.read_u16());
 
-    if (marker == 0xFFFF) {
-        u8 next { 0xFF };
+    while (!is_supported_marker(marker))
+        marker = marker << 8 | TRY(stream.read_u8());
 
-        while (next == 0xFF)
-            next = TRY(stream.read_u8());
-
-        marker = 0xFF00 | next;
-    }
-
-    if (is_supported_marker(marker))
-        return marker;
-
-    dbgln_if(JPEG_DEBUG, "Unsupported marker: {:#04x} around offset {:#x}", marker, stream.byte_offset());
-    return Error::from_string_literal("Reached an unsupported marker");
+    return marker;
 }
 
 static ErrorOr<u16> read_effective_chunk_size(JPEGStream& stream)
@@ -1881,13 +1871,13 @@ static ErrorOr<void> handle_miscellaneous_or_table(JPEGStream& stream, JPEGLoadi
 
 static ErrorOr<void> parse_header(JPEGStream& stream, JPEGLoadingContext& context)
 {
-    auto marker = TRY(read_marker_at_cursor(stream));
+    auto marker = TRY(read_until_marker(stream));
     if (marker != JPEG_SOI) {
         dbgln_if(JPEG_DEBUG, "SOI not found: {:x}!", marker);
         return Error::from_string_literal("SOI not found");
     }
     for (;;) {
-        marker = TRY(read_marker_at_cursor(stream));
+        marker = TRY(read_until_marker(stream));
 
         if (is_miscellaneous_or_table_marker(marker)) {
             TRY(handle_miscellaneous_or_table(stream, context, marker));
@@ -1955,7 +1945,7 @@ static ErrorOr<Vector<Macroblock>> construct_macroblocks(JPEGLoadingContext& con
     Vector<Macroblock> macroblocks;
     TRY(macroblocks.try_resize(context.mblock_meta.padded_total));
 
-    Marker marker = TRY(read_marker_at_cursor(context.stream));
+    Marker marker = TRY(read_until_marker(context.stream));
     while (true) {
         if (is_miscellaneous_or_table_marker(marker)) {
             TRY(handle_miscellaneous_or_table(context.stream, context, marker));
@@ -1969,7 +1959,7 @@ static ErrorOr<Vector<Macroblock>> construct_macroblocks(JPEGLoadingContext& con
             return Error::from_string_literal("Unexpected marker");
         }
 
-        marker = TRY(read_marker_at_cursor(context.stream));
+        marker = TRY(read_until_marker(context.stream));
     }
 }
 
