media: Quit parsing stream if doesn't start with SOI

In the case we get an invalid stream, such as from v4l2-compliance
streaming test, jpeg_next_marker will end up parsing the entire
stream. The standard describes the high level syntax of a jpeg
as starting with SOI, ending with EOI, so return error if the very
first 2 bytes are not SOI.

Signed-off-by: Mirela Rabulea <mirela.rabulea@nxp.com>
Reviewed-by: Philipp Zabel <p.zabel@pengutronix.de>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>

diff --git a/drivers/media/v4l2-core/v4l2-jpeg.c b/drivers/media/v4l2-core/v4l2-jpeg.c
index ede40f2a5456036551d3a19498a94e8b01bd3dd9..c4c0d6dd4577986a58caa80480f2781baa63c5d3 100644 (file)
--- a/drivers/media/v4l2-core/v4l2-jpeg.c
+++ b/drivers/media/v4l2-core/v4l2-jpeg.c
@@ -503,11 +503,8 @@ int v4l2_jpeg_parse_header(void *buf, size_t len, struct v4l2_jpeg_header *out)
        out->num_dht = 0;
        out->num_dqt = 0;
 
-       /* the first marker must be SOI */
-       marker = jpeg_next_marker(&stream);
-       if (marker < 0)
-               return marker;
-       if (marker != SOI)
+       /* the first bytes must be SOI, B.2.1 High-level syntax */
+       if (jpeg_get_word_be(&stream) != SOI)
                return -EINVAL;
 
        /* init value to signal if this marker is not present */