From c8535e11f5dbf35db7b60cc92ed479d9220315e4 Mon Sep 17 00:00:00 2001 From: adlee-was-taken Date: Sun, 19 Apr 2026 21:34:53 -0400 Subject: [PATCH] fix(core): correct off-by-one in imgsecret SOF bounds guard peek_jpeg_dimensions reads jpeg[i+8] as the last byte, so the guard should be \`i + 8 >= jpeg.len()\`, not \`i + 9 >= jpeg.len()\`. The old guard would reject a valid SOF marker ending exactly at len()-1. Caught in Task 2 code-quality review. --- crates/relicario-core/src/imgsecret.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/relicario-core/src/imgsecret.rs b/crates/relicario-core/src/imgsecret.rs index e495529..ab30a5a 100644 --- a/crates/relicario-core/src/imgsecret.rs +++ b/crates/relicario-core/src/imgsecret.rs @@ -139,7 +139,7 @@ fn peek_jpeg_dimensions(jpeg: &[u8]) -> Result<(u32, u32)> { } // SOI / EOI 0xC0..=0xC3 | 0xC5..=0xC7 | 0xC9..=0xCB | 0xCD..=0xCF => { // SOFn — height in [i+5..i+7], width in [i+7..i+9] - if i + 9 >= jpeg.len() { + if i + 8 >= jpeg.len() { return Err(RelicarioError::ImgSecret("truncated SOF marker".into())); } let height = u16::from_be_bytes([jpeg[i + 5], jpeg[i + 6]]) as u32;