panicked at 'attempt to subtract with overflow' #1509
Description
This happens in jpeg_decoder::decoder::refine_non_zeroes
Expected
return error properly
Actual behaviour
thread 'main' panicked at 'attempt to subtract with overflow', /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/jpeg-decoder-0.1.22/src/decoder.rs:908:17
stack backtrace:
0: <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt
1: core::fmt::write
2: std::io::Write::write_fmt
3: std::panicking::default_hook::{{closure}}
4: std::panicking::default_hook
5: std::panicking::rust_panic_with_hook
6: rust_begin_unwind
7: core::panicking::panic_fmt
8: core::panicking::panic
9: jpeg_decoder::decoder::refine_non_zeroes
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/jpeg-decoder-0.1.22/src/decoder.rs:908
10: jpeg_decoder::decoder::decode_block_successive_approximation
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/jpeg-decoder-0.1.22/src/decoder.rs:869
11: jpeg_decoder::decoder::Decoder<R>::decode_scan
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/jpeg-decoder-0.1.22/src/decoder.rs:640
12: jpeg_decoder::decoder::Decoder<R>::decode_internal
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/jpeg-decoder-0.1.22/src/decoder.rs:300
13: jpeg_decoder::decoder::Decoder<R>::decode
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/jpeg-decoder-0.1.22/src/decoder.rs:186
14: <image::codecs::jpeg::decoder::JpegDecoder<R> as image::image::ImageDecoder>::read_image
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/image-0.23.14/./src/codecs/jpeg/decoder.rs:107
15: image::image::decoder_to_vec
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/image-0.23.14/./src/image.rs:492
16: image::dynimage::decoder_to_image
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/image-0.23.14/./src/dynimage.rs:1112
17: image::dynimage::DynamicImage::from_decoder
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/image-0.23.14/./src/dynimage.rs:194
18: image::io::free_functions::load
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/image-0.23.14/./src/io/free_functions.rs:69
19: image::dynimage::load_from_memory_with_format
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/image-0.23.14/./src/dynimage.rs:1320
20: image::dynimage::load_from_memory
at /home/xsh/.cargo/registry/src/github.com-1ecc6299db9ec823/image-0.23.14/./src/dynimage.rs:1305
21: imagefuzzvrf::main
at ./image-vrf.rs:8
22: std::rt::lang_start::{{closure}}
at /home/xsh/code/rust-compiler/src/libstd/rt.rs:67
23: std::rt::lang_start_internal
24: std::rt::lang_start
at /home/xsh/code/rust-compiler/src/libstd/rt.rs:67
25: main
26: __libc_start_main
27: _start
Reproduction steps
Input: in.txt
fn main() {
let data = std::fs::read("in.txt").unwrap();
let _ = image::load_from_memory(&data);
}