avcodec/jpeg2000dec: fix integer overflow in dequantization_int_97()

Fixes: signed integer overflow: 2147483640 + 32 cannot be represented in type 'int'
Fixes: 473569764/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_DEC_fuzzer-5377306970619904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer
2026-02-21 01:42:31 +01:00
parent 8429aec5e4
commit fa2aec73ed

@@ -2201,7 +2201,7 @@ static void dequantization_int_97(int x, int y, Jpeg2000Cblk *cblk,
if (val < 0) // Convert sign-magnitude to two's complement
val = -(val & INT32_MAX);
// Shifting down to prevent overflow in dequantization
val = (val + (1 << (PRESCALE - 1))) >> PRESCALE;
val = (val + (1LL << (PRESCALE - 1))) >> PRESCALE;
datap[i] = RSHIFT(val * (int64_t)band->i_stepsize, 16);
}
}
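Review bot: the 64-bit promotion of the rounding add in `val = (val + (1LL << (PRESCALE - 1))) >> PRESCALE;` is implicit in the `1LL` literal, while the next line widens with an explicit cast, `val * (int64_t)band->i_stepsize`. Casting `val` itself, for example `((int64_t)val + (1 << (PRESCALE - 1))) >> PRESCALE`, would match that style and show directly which operand needed widening. The comment above the line ("Shifting down to prevent overflow in dequantization") could also note that the rounding add is done in 64 bits, since the reported overflow (2147483640 + 32) occurred in that add rather than in the multiply the comment is about.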