aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--fiv-io.c6
-rw-r--r--tiffer.h10
2 files changed, 11 insertions, 5 deletions
diff --git a/fiv-io.c b/fiv-io.c
index c434773..5c18daf 100644
--- a/fiv-io.c
+++ b/fiv-io.c
@@ -1263,7 +1263,7 @@ parse_mpf_index_ifd(struct tiffer *T)
static bool
parse_mpf(
- GPtrArray *individuals, const uint8_t *mpf, size_t len, const uint8_t *end)
+ GPtrArray *individuals, const uint8_t *mpf, size_t len, size_t total_len)
{
struct tiffer T;
if (!tiffer_init(&T, mpf, len) || !tiffer_next_ifd(&T))
@@ -1274,7 +1274,7 @@ parse_mpf(
uint32_t *offsets = parse_mpf_index_ifd(&T);
if (offsets) {
for (const uint32_t *o = offsets; *o; o++)
- if (*o <= end - mpf)
+ if (*o <= total_len)
g_ptr_array_add(individuals, (gpointer) mpf + *o);
free(offsets);
}
@@ -1378,7 +1378,7 @@ parse_jpeg_metadata(const char *data, size_t len, struct jpeg_metadata *meta)
if (meta->mpf && marker == APP2 && p - payload >= 8 &&
!memcmp(payload, "MPF\0", 4) && !meta->mpf->len) {
payload += 4;
- parse_mpf(meta->mpf, payload, p - payload, end);
+ parse_mpf(meta->mpf, payload, p - payload, end - payload);
}
// TODO(p): Extract the main XMP segment.
diff --git a/tiffer.h b/tiffer.h
index b4e582e..870ad26 100644
--- a/tiffer.h
+++ b/tiffer.h
@@ -156,12 +156,18 @@ tiffer_next_ifd(struct tiffer *self)
return tiffer_u16(self, &self->remaining_fields);
}
+static size_t
+tiffer_length(const struct tiffer *self)
+{
+ return self->begin > self->end ? 0 : self->end - self->begin;
+}
+
/// Initialize a derived TIFF reader for a subIFD at the given location.
static bool
tiffer_subifd(
const struct tiffer *self, uint32_t offset, struct tiffer *subreader)
{
- if (self->begin > self->end || self->end - self->begin < offset)
+ if (tiffer_length(self) < offset)
return false;
*subreader = *self;
@@ -332,7 +338,7 @@ tiffer_next_entry(struct tiffer *self, struct tiffer_entry *entry)
if (values_size <= sizeof offset) {
entry->p = self->p;
self->p += sizeof offset;
- } else if (tiffer_u32(self, &offset) && self->end - self->begin >= offset) {
+ } else if (tiffer_u32(self, &offset) && tiffer_length(self) >= offset) {
entry->p = self->begin + offset;
} else {
return false;