This closes issue #30. Thanks to [Arron](https://github.com/boxerab) …

…for highlighting this issue.

Now there is additional 8 bytes in front of the codeblock buffer at the decoder.  This extra buffer is a protection against the VLC decoder reading from before the start of the cleanup pass, which can happen because we are reading 4 bytes from the VLC segment at a time.
Additional improvements:
1. Bug fix in ojph_block_encoder.
2. Hardened the code by not decoding incomplete codeblocks.

src/core/codestream/ojph_codestream.cpp

@@ -2939,12 +2939,8 @@ namespace ojph {
       int avail_bits;
       bool unstuff;
       int bytes_left;
-      static const int extra_buffer_space;
     };
 
-    //////////////////////////////////////////////////////////////////////////
-    const int bit_read_buf::extra_buffer_space = 8;
-
     //////////////////////////////////////////////////////////////////////////
     static inline
     void bb_init(bit_read_buf *bbp, int bytes_left, infile_base* file)
@@ -3019,11 +3015,13 @@ namespace ojph {
     {
       assert(bbp->avail_bits == 0 && bbp->unstuff == false);
       int bytes = ojph_min(num_bytes, bbp->bytes_left);
-      elastic->get_buffer(bytes + bit_read_buf::extra_buffer_space,
-                          cur_coded_list);
-      size_t bytes_read = bbp->file->read(cur_coded_list->buf, bytes);
+      elastic->get_buffer(bytes + coded_cb_header::prefix_buf_size
+        + coded_cb_header::suffix_buf_size, cur_coded_list);
+      size_t bytes_read = bbp->file->read(
+        cur_coded_list->buf + coded_cb_header::prefix_buf_size, bytes);
       if (num_bytes > bytes_read)
-        memset(cur_coded_list->buf + bytes, 0, num_bytes - bytes_read);
+        memset(cur_coded_list->buf + coded_cb_header::prefix_buf_size + bytes, 
+          0, num_bytes - bytes_read);
       bbp->bytes_left -= bytes_read;
       return bytes_read == bytes;
     }
@@ -3270,7 +3268,14 @@ namespace ojph {
             int num_bytes = cp->pass_length[0] + cp->pass_length[1];
             if (num_bytes)
               if (!bb_read_chunk(&bb, num_bytes, cp->next_coded, elastic))
-              { data_left = bb.bytes_left; assert(data_left == 0); return; }
+              { 
+                //no need to decode a broken codeblock, decoding is a 
+                // security risk
+                cp->pass_length[0] = cp->pass_length[1] = 0;
+                data_left = bb.bytes_left; 
+                assert(data_left == 0); 
+                return; 
+              }
           }
         }
       }
@@ -3689,9 +3694,10 @@ namespace ojph {
     //////////////////////////////////////////////////////////////////////////
     void codeblock::decode()
     {
-      if (coded_cb->num_passes > 0)
+      if (coded_cb->pass_length[0] > 0 && coded_cb->num_passes > 0)
       {
-        ojph_decode_codeblock(coded_cb->next_coded->buf,
+        ojph_decode_codeblock(
+          coded_cb->next_coded->buf + coded_cb_header::prefix_buf_size,
           buf, coded_cb->missing_msbs, coded_cb->num_passes,
           coded_cb->pass_length[0], coded_cb->pass_length[1],
           cb_size.w, cb_size.h, cb_size.w);

src/core/codestream/ojph_codestream_local.h

@@ -353,6 +353,9 @@ namespace ojph {
       int Kmax;
       int missing_msbs;
       coded_lists *next_coded;
+
+      static const int prefix_buf_size = 8;
+      static const int suffix_buf_size = 8;
     };
 
   }

src/core/coding/ojph_block_encoder.cpp

@@ -713,6 +713,7 @@ namespace ojph {
         rho[0] = rho[1] = 0; e_qmax[0] = e_qmax[1] = 0;
       }
 
+      lep[1] = 0;
 
       for (y = 2; y < height; y += 2)
       {

src/core/common/ojph_defs.h

@@ -58,7 +58,7 @@ typedef int64_t si64;
 /////////////////////////////////////////////////////////////////////////////
 #define OJPH_CORE_VER_MAJOR    0
 #define OJPH_CORE_VER_MINOR    6
-#define OJPH_CORE_VER_SUBMINOR 3
+#define OJPH_CORE_VER_SUBMINOR 4
 
 /////////////////////////////////////////////////////////////////////////////
 #define OJPH_INT_STRINGIFY(I) #I