From eb4408291597609c48bf3871a36dd4abdcd5c538 Mon Sep 17 00:00:00 2001
From: Nigel Tao <nigeltao@golang.org>
Date: Thu, 9 Apr 2015 11:39:21 +1000
Subject: [PATCH] image/jpeg: reject multiple Start-Of-Frame markers.

Fixes #10389

Change-Id: Id1c687122751f9317041d9e425d03b267a26c6de
Reviewed-on: https://go-review.googlesource.com/8681
Reviewed-by: Rob Pike <r@golang.org>
---
 src/image/jpeg/reader.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/image/jpeg/reader.go b/src/image/jpeg/reader.go
index 6a86472046..2c3c2f72f8 100644
--- a/src/image/jpeg/reader.go
+++ b/src/image/jpeg/reader.go
@@ -298,6 +298,9 @@ func (d *decoder) ignore(n int) error {
 
 // Specified in section B.2.2.
 func (d *decoder) processSOF(n int) error {
+	if d.nComp != 0 {
+		return FormatError("multiple SOF markers")
+	}
 	switch n {
 	case 6 + 3*1: // Grayscale image.
 		d.nComp = 1
-- 
2.48.1