From e403f3a4c4704b3a9894e61df5581af7889b43bc Mon Sep 17 00:00:00 2001
From: Mohamed Ali Chebbi
Date: Thu, 13 Apr 2023 00:53:18 +0200
Subject: [PATCH] Current master fails with image #2565: segmentation fault when trying to access outofband offest
---
 src/jpgimage.cpp | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/jpgimage.cpp b/src/jpgimage.cpp
index 18361439..facb1054 100644
--- a/src/jpgimage.cpp
+++ b/src/jpgimage.cpp
@@ -152,9 +152,9 @@ void JpegBase::readMetadata() {
 const auto [sizebuf, size] = readSegmentSize(marker, *io_);
 // Read the rest of the segment.
- DataBuf buf(size + 1);
+ DataBuf buf(size);
 /// \todo check if it makes sense to check for size
- if (size > 0) {
+ if (size > 2) {
 io_->readOrThrow(buf.data(2), size - 2, ErrorCode::kerFailedToReadImageData);
 std::copy(sizebuf.begin(), sizebuf.end(), buf.begin());
 }
@@ -353,7 +353,7 @@ void JpegBase::printStructure(std::ostream& out, PrintStructureOption option, si
 const auto [sizebuf, size] = readSegmentSize(marker, *io_);
 // Read the rest of the segment.
- DataBuf buf(size + 1);
+ DataBuf buf(size);
 if (size > 0) {
 io_->readOrThrow(buf.data(2), size - 2, ErrorCode::kerFailedToReadImageData);
 std::copy(sizebuf.begin(), sizebuf.end(), buf.begin());
@@ -565,7 +565,7 @@ DataBuf JpegBase::readNextSegment(byte marker) {
 const auto [sizebuf, size] = readSegmentSize(marker, *io_);
 // Read the rest of the segment.
- DataBuf buf(size + 1);
+ DataBuf buf(size);
 if (size > 0) {
 io_->readOrThrow(buf.data(2), size - 2, ErrorCode::kerFailedToReadImageData);
 std::copy(sizebuf.begin(), sizebuf.end(), buf.begin());
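Review bot: In the readMetadata hunk (@@ -152,9) the new `if (size > 2)` guard also skips the `std::copy` of `sizebuf`, so a segment whose length field is exactly 2 leaves `buf` without its two length bytes, which the old `size > 0` guard did copy. If code later in the function (outside this hunk) reads the length back from `buf`, it would see whatever `DataBuf(size)` initialises to; splitting the steps avoids that: `if (size >= 2) std::copy(sizebuf.begin(), sizebuf.end(), buf.begin());` followed by `if (size > 2) io_->readOrThrow(buf.data(2), size - 2, ErrorCode::kerFailedToReadImageData);`. The `\todo` above the guard is now stale and could state the invariant the code appears to rely on, e.g. `// size counts the 2-byte length field; the payload is size - 2 bytes`. The diffstat touches only src/jpgimage.cpp, so the crashing image from #2565 should be added as a regression input, since this path parses untrusted files.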
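Review bot: In the printStructure hunk (@@ -353,7) the guard is still `if (size > 0)` although the buffer shrank from `size + 1` to `size`, so for a segment length of 2 `buf.data(2)` now addresses the offset one past the end of a 2-byte buffer, and for a length of 1 `size - 2` would wrap if `size` is an unsigned type. Whether readSegmentSize already rejects lengths below 2 is not visible here; unless it does, use the same guard as readMetadata, `if (size > 2) {`, or reject short lengths explicitly before the read. The readNextSegment hunk (@@ -565,7) has the identical pattern and needs the same change; there the shortened buffer is also the return value, so callers that index it should be checked against `buf.size()`. Both function bodies continue outside their hunks.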