[jpegli] fix buffer overflow when chroma component has refinement #15
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See issue 14 for context.
Under certain conditions, num_refinement_bits is computed wrongly causing a heap-buffer-overflow in jpegli's TokenizeACRefinementScan in https://github.com/google/jpegli/blob/main/lib/jpegli/entropy_coding.cc#L255
The problem seems to be function TokenizeJpeg which only has a single 1D array int num_refinement_scans[DCTSIZE2] to keep track of number of refinement passes for each DCT coefficient. This is inadequate when multiple color components have different refinement sequences.
Description
Pull Request Checklist
./ci.sh lint
for automatic code formatting.Please review the full contributing guidelines for more details.