From 11194518e460c239142e86420960dfc765360490 Mon Sep 17 00:00:00 2001
From: Lutz Mueller
Date: Sun, 28 Sep 2003 20:00:06 +0200
Subject: [PATCH] *** empty log message ***
---
 libjpeg/jpeg-data.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/libjpeg/jpeg-data.c b/libjpeg/jpeg-data.c
index 21c7a12..f6a4ca2 100644
--- a/libjpeg/jpeg-data.c
+++ b/libjpeg/jpeg-data.c
@@ -206,6 +206,7 @@ jpeg_data_load_data (JPEGData *data, const unsigned char *d,
 jpeg_data_append_section (data);
 s = &data->sections[data->count - 1];
 s->marker = marker;
+ s->content.generic.data = NULL;
 o += i + 1;
 switch (s->marker) {
@@ -216,7 +217,9 @@ jpeg_data_load_data (JPEGData *data, const unsigned char *d,
 /* Read the length of the section */
 len = ((d[o] << 8) | d[o + 1]) - 2;
+ if (len > size) { o = size; break; }
 o += 2;
+ if (o + len > size) { o = size; break; }
 switch (s->marker) {
 case JPEG_MARKER_APP1:
-- 
2.7.4
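Review bot: In the first hunk, the added `s->content.generic.data = NULL;` carries no comment explaining why it is needed, and it clears only one field of the freshly appended section. Presumably it keeps the pointer safe to free when the early exits added in the second hunk abandon the section before a payload is allocated; a comment such as `/* section may be dropped before its payload is allocated; keep the pointer safe to free */` would record that. If `jpeg_data_append_section` does not zero the new entry (not visible here), initialising the whole entry there would be more robust than resetting a single field at this call site. The enclosing function starts and ends outside the hunk.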
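Review bot: In the second hunk, `d[o]` and `d[o + 1]` are still read before anything confirms that two bytes remain at offset `o`, because both added checks run only after the length field has been dereferenced. Unless a guard outside the hunk covers it, input that ends right after a marker byte is read past the end of the buffer. The `- 2` is also applied before validation, so a declared length of 0 or 1 is rejected by `len > size` only through integer conversion (the types of `len`, `o` and `size` are not visible here). Validating the raw field first and comparing `len` against `size - o` closes both gaps and removes the possible wrap-around in `o + len`. The `break` leaves only the enclosing `switch`, which starts outside the hunk, and the truncation is silent, so a short comment on each exit would help whoever later debugs a malformed file.

```c
/* Read the length of the section */
if (o + 1 >= size) { o = size; break; }   /* length field itself must be in bounds */
len = (d[o] << 8) | d[o + 1];
if (len < 2) { o = size; break; }          /* field counts its own two bytes */
len -= 2;
o += 2;
if (len > size - o) { o = size; break; }   /* payload must fit; avoids o + len wrap */
/* … unchanged: inner switch (s->marker) … */
```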