From f94cb445182d51e2814da85fe0fe87ecd08e8c7d Mon Sep 17 00:00:00 2001
From: William Bader <william@newspapersystems.com>
Date: Sun, 1 Sep 2024 08:04:25 +0200
Subject: [PATCH] xvjpeg.c: Fix a bad memory access on jpegs with inverted data

---
 src/xvjpeg.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/xvjpeg.c b/src/xvjpeg.c
index badde04..3a0c4bb 100644
--- a/src/xvjpeg.c
+++ b/src/xvjpeg.c
@@ -693,13 +693,14 @@ int LoadJFIF(char *fname, PICINFO *pinfo, int quick)
     if (cinfo.saw_Adobe_marker) { /* assume inverted data */
       register byte *q = pic;
 
-      do {
+      while (q < pic_end) {
         register int cmy, k = 255 - q[3];
 
         if ((cmy = *q++ - k) < 0) { cmy = 0; } *p++ = cmy; /* R */
         if ((cmy = *q++ - k) < 0) { cmy = 0; } *p++ = cmy; /* G */
         if ((cmy = *q++ - k) < 0) { cmy = 0; } *p++ = cmy; /* B */
-      } while (++q <= pic_end);
+        q++;
+      }
     }
     else { /* assume normal data */
       register byte *q = pic;