demux: image: detect ICC profile before JFIF data

Fixes #18857

(cherry picked from commit 5ffd36ffa26a83ae498373f7d0ace1d82ab952f4)
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Gbp-Pq: Name 0004-demux-image-detect-ICC-profile-before-JFIF-data.patch

diff --git a/modules/demux/image.c b/modules/demux/image.c
index 239f5d473dbee59370f3c3722304e2ace6470ca9..e72d5a4447ef3a87cd7ae80ec0441fc358639f0c 100644 (file)
--- a/modules/demux/image.c
+++ b/modules/demux/image.c
@@ -392,7 +392,7 @@ static uint8_t FindJpegMarker(size_t *position, const uint8_t *data, size_t size
 static bool IsJfif(stream_t *s)
 {
     const uint8_t *header;
-    ssize_t peek = vlc_stream_Peek(s, &header, 256);
+    ssize_t peek = vlc_stream_Peek(s, &header, 4096);
     if(peek < 256)
         return false;
     size_t size = (size_t) peek;
@@ -400,6 +400,16 @@ static bool IsJfif(stream_t *s)
 
     if (FindJpegMarker(&position, header, size) != 0xd8)
         return false;
+    if (FindJpegMarker(&position, header, size) == 0xe2) // ICC Profile
+    {
+        size_t icc_size = GetWBE(&header[position]);
+        position += 2;
+        if (position + 12 > size)
+            return false;
+        if (memcmp(&header[position], "ICC_PROFILE\0", 12))
+            return false;
+        position += icc_size - 2;
+    }
     if (FindJpegMarker(&position, header, size) != 0xe0)
         return false;
     position += 2;  /* Skip size */