Fix buf image mode decompr err w/ short prog JPEGs

Regression introduced by 6d91e95

Because we're now using a 5x5 smoothing window when decompressing
progressive JPEG images, we need to ensure that the whole_image virtual
array contains at least five rows.  Previously that was not always the
case unless the progressive JPEG image being decompressed had at least
five iMCU rows.  Since an iMCU has a height of (8 * the vertical
sampling factor), attempting to decompress 4:2:2 and 4:4:4 images <= 32
pixels in height or 4:2:0 images <= 64 pixels in height triggered a
JERR_BAD_VIRTUAL_ACCESS error in decompress_smooth_data(), because
access_rows exceeded the number of rows in the virtual array.

Fixes #613

Author: dcommander

ChangeLog.md

@@ -17,6 +17,11 @@ OS X/PowerPC systems if AltiVec instructions are not enabled at compile time.
 This allows both AltiVec-equipped (PowerPC G4 and G5) and non-AltiVec-equipped
 (PowerPC G3) CPUs to be supported using the same build of libjpeg-turbo.
 
+4. Fixed an error ("Bogus virtual array access") that occurred when attempting
+to decompress a progressive JPEG image with a height less than or equal to
+(32 * the vertical sampling factor) using buffered image mode.  This was a
+regression introduced by 2.1 beta1[6(b)].
+
 
 2.1.3
 =====

jdcoefct.c

@@ -5,7 +5,7 @@
  * Copyright (C) 1994-1997, Thomas G. Lane.
  * libjpeg-turbo Modifications:
  * Copyright 2009 Pierre Ossman <[email protected]> for Cendio AB
- * Copyright (C) 2010, 2015-2016, 2019-2020, D. R. Commander.
+ * Copyright (C) 2010, 2015-2016, 2019-2020, 2022, D. R. Commander.
  * Copyright (C) 2015, 2020, Google, Inc.
  * For conditions of distribution and use, see the accompanying README.ijg
  * file.
@@ -835,18 +835,21 @@ jinit_d_coef_controller(j_decompress_ptr cinfo, boolean need_full_buffer)
 
     for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
          ci++, compptr++) {
+      JDIMENSION num_rows =
+        (JDIMENSION)jround_up((long)compptr->height_in_blocks,
+                              (long)compptr->v_samp_factor);
       access_rows = compptr->v_samp_factor;
 #ifdef BLOCK_SMOOTHING_SUPPORTED
       /* If block smoothing could be used, need a bigger window */
-      if (cinfo->progressive_mode)
+      if (cinfo->progressive_mode) {
         access_rows *= 5;
+        num_rows = MAX(num_rows, access_rows);
+      }
 #endif
       coef->whole_image[ci] = (*cinfo->mem->request_virt_barray)
         ((j_common_ptr)cinfo, JPOOL_IMAGE, TRUE,
          (JDIMENSION)jround_up((long)compptr->width_in_blocks,
-                               (long)compptr->h_samp_factor),
-         (JDIMENSION)jround_up((long)compptr->height_in_blocks,
-                               (long)compptr->v_samp_factor),
+                               (long)compptr->h_samp_factor), num_rows,
          (JDIMENSION)access_rows);
     }
     coef->pub.consume_data = consume_data;