breeze/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2026-01-12 00:06:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

avcodec/jpeg2000htdec: Check pLSB

Browse Source 
Fixes: negative shift and other undefined shifts
Fixes: 462335934/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_DEC_fuzzer-4538493775970304

Found-by:  continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
2025-12-22 22:56:10 +01:00
committed by michaelni
parent 0629780cf6
commit 224b3ff82a
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libavcodec/jpeg2000htdec.c
View File

@@ -1263,6 +1263,11 @@ ff_jpeg2000_decode_htj2k(const Jpeg2000DecoderContext *s, Jpeg2000CodingStyle *c
cblk->zbp = S_blk - 1;
pLSB = 30 - S_blk;
if (pLSB <= 1 || pLSB >= 31) {
avpriv_request_sample(s->avctx, "pLSB %d", pLSB);
return AVERROR_PATCHWELCOME;
}
Scup = (Dcup[Lcup - 1] << 4) + (Dcup[Lcup - 2] & 0x0F);
if (Scup < 2 || Scup > Lcup || Scup > 4079) {