ffmpeg/FFmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2024-09-20 05:16:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

vcodec/vc1: compute rangex/y only for P/B frames

Browse Source 
Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int'
Fixes: 16976/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-4847262047404032

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e75e7fe160)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2019-09-10 20:20:31 +02:00
parent 838b359225
commit f5f0e11378
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
libavcodec/vc1.c
View File

@ -1319,16 +1319,17 @@ int ff_vc1_parse_frame_header_adv(VC1Context *v, GetBitContext* gb)
break; break;
} }
if (v->fcm != PROGRESSIVE && !v->s.quarter_sample) {
v->range_x <<= 1;
v->range_y <<= 1;
}
/* AC Syntax */ /* AC Syntax */
v->c_ac_table_index = decode012(gb); v->c_ac_table_index = decode012(gb);
if (v->s.pict_type == AV_PICTURE_TYPE_I || v->s.pict_type == AV_PICTURE_TYPE_BI) { if (v->s.pict_type == AV_PICTURE_TYPE_I || v->s.pict_type == AV_PICTURE_TYPE_BI) {
v->y_ac_table_index = decode012(gb); v->y_ac_table_index = decode012(gb);
} }
else if (v->fcm != PROGRESSIVE && !v->s.quarter_sample) {
v->range_x <<= 1;
v->range_y <<= 1;
}
/* DC Syntax */ /* DC Syntax */
v->s.dc_table_index = get_bits1(gb); v->s.dc_table_index = get_bits1(gb);
if ((v->s.pict_type == AV_PICTURE_TYPE_I || v->s.pict_type == AV_PICTURE_TYPE_BI) if ((v->s.pict_type == AV_PICTURE_TYPE_I || v->s.pict_type == AV_PICTURE_TYPE_BI)