From aac34630d407dcc6b4a21d1af67b1fd1d9239a22 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse
Date: Tue, 27 Apr 2021 11:06:56 +0100
Subject: [PATCH] Fix infinite loop caused by subBox with zero size.

(cherry picked from commit 2736126e7b92c5654f56620c097f9a4580c0f73b)
---
 src/jp2image.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/jp2image.cpp b/src/jp2image.cpp
index 1d0ef2d4bc..185fede030 100644
--- a/src/jp2image.cpp
+++ b/src/jp2image.cpp
@@ -670,6 +670,7 @@ static void boxes_check(size_t b,size_t m)
 #ifdef EXIV2_DEBUG_MESSAGES
 std::cout << "Jp2Image::encodeJp2Header subbox: "<< toAscii(subBox.type) << " length = " << subBox.length << std::endl;
 #endif
+ enforce(subBox.length > 0, Exiv2::kerCorruptedMetadata);
 enforce(subBox.length <= length - count, Exiv2::kerCorruptedMetadata);
 count += subBox.length;
 newBox.type = subBox.type;
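Review bot: The added `enforce(subBox.length > 0, ...)` stops the zero-length stall, but lengths 1 through 7 still pass both checks even though a JP2 box header alone (length plus type) occupies 8 bytes. With such a value `count` advances by less than one header, so the next pass would presumably read a header starting inside the current one; the loop terminates, but it parses file-supplied bytes at an offset that is not a box boundary. Consider tightening the guard to `enforce(subBox.length >= sizeof(subBox), Exiv2::kerCorruptedMetadata);` (this assumes `subBox` is the header struct itself; confirm against its declaration), with a short comment such as `// a sub-box shorter than its own header cannot advance the parse safely`. The enclosing loop and function start and end outside this hunk, and the `boxes_check` name in the hunk header is only git's context line (the debug message points at `Jp2Image::encodeJp2Header`), so the loop condition should be checked there as well.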