From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001

From: Daniel Axtens <dja@axtens.net>

Date: Mon, 28 Jun 2021 14:16:58 +1000

Subject: [PATCH] video/readers/jpeg: Do not reallocate a given huff table

Fix a memory leak where an invalid file could cause us to reallocate

memory for a huffman table we had already allocated memory for.

Signed-off-by: Daniel Axtens <dja@axtens.net>

Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

(cherry picked from commit bc06e12b4de55cc6f926af9f064170c82b1403e9)

---

 grub-core/video/readers/jpeg.c | 3 +++

 1 file changed, 3 insertions(+)

diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c

index 10225abd53..caa211f06d 100644

--- a/grub-core/video/readers/jpeg.c

+++ b/grub-core/video/readers/jpeg.c

@@ -245,6 +245,9 @@ grub_jpeg_decode_huff_table (struct grub_jpeg_data *data)

 	n += count[i];

       id += ac * 2;

+      if (data->huff_value[id] != NULL)

+	return grub_error (GRUB_ERR_BAD_FILE_TYPE,

+			   "jpeg: attempt to reallocate huffman table");

       data->huff_value[id] = grub_malloc (n);

       if (grub_errno)

 	return grub_errno;