On Sun, Mar 26, 2017 at 06:51:11PM +0200, wm4 wrote:
> On Sun, 26 Mar 2017 18:11:01 +0200
> Michael Niedermayer <mich...@niedermayer.cc> wrote:
> 
> > Fixes: 943/clusterfuzz-testcase-5114865297391616
> > 
> > Found-by: continuous fuzzing process 
> > https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
> > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> > ---
> >  libavcodec/mjpegdec.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
> > index f26e8a3f9a..e08b045fe7 100644
> > --- a/libavcodec/mjpegdec.c
> > +++ b/libavcodec/mjpegdec.c
> > @@ -757,7 +757,8 @@ static int decode_block_progressive(MJpegDecodeContext 
> > *s, int16_t *block,
> >                                      uint16_t *quant_matrix,
> >                                      int ss, int se, int Al, int *EOBRUN)
> >  {
> > -    int code, i, j, level, val, run;
> > +    int code, i, j, val, run;
> > +    SUINT level;
> >  
> >      if (*EOBRUN) {
> >          (*EOBRUN)--;
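Review bot: the hunk changes `level` from `int` to `SUINT` but neither the commit message (which only cites the fuzzer case id) nor the declaration says which expression on `level` overflows or that wraparound there is intended, and the hunk shows no use of `level`, so a reader cannot check from the diff alone whether the value stored into the `int16_t *block` output is meant to wrap. Suggest naming the overflowing operation in the commit message and annotating the declaration, e.g. `SUINT level; /* may wrap; intentionally not plain unsigned so overflow stays checkable */`, so the choice of SUINT over `unsigned` is documented in the code rather than only in the list discussion.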
> 
> Please make the type either signed or unsigned. Making it both
> (depending on the debug level) just to make the fuzzer happy (or
> something more complicated than that?) isn't a good idea. You probably
> want to make it always unsigned?

No, I want to make it SUINT

If it is always unsigned then it's not possible to detect overflows
without explicitly checking for overflows.
If it is SUINT then ubsan can be used to detect overflows; this is
useful to test files showing artifacts but no decode errors.


[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I am the wisest man alive, for I know one thing, and that is that I know
nothing. -- Socrates
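To make the trade-off in the reply concrete, here is an added example (not FFmpeg code and not from either poster) with a hypothetical SUINT macro modelled on the idiom described: unsigned in a normal build so the wraparound is defined, int when CHECKED is defined so UBSan reports the same arithmetic as signed overflow. decode_coeff() is a constructed stand-in for the `level` arithmetic, and the input values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical SUINT, modelled on the idiom the reply describes: plain
 * unsigned in normal builds (wraparound is defined, so no UB in release),
 * int when CHECKED is defined so -fsanitize=undefined can report the very
 * same arithmetic as signed overflow. Not FFmpeg's own header. */
#ifdef CHECKED
#define SUINT int
#else
#define SUINT unsigned
#endif

/* 1 if this build compiled SUINT as a signed type, 0 otherwise. */
static int suint_is_checked(void)
{
    return (SUINT)-1 < 0;
}

/* Reduce a value to the int16_t range the way a two's-complement store
 * would, using only defined operations (no out-of-range conversion). */
static int16_t wrap_int16(unsigned v)
{
    v &= 0xFFFFu;
    return (int16_t)(v >= 0x8000u ? (int)v - 0x10000 : (int)v);
}

/* Constructed stand-in for the `level` arithmetic: scale a coefficient by
 * its quantiser and a successive-approximation shift Al. With SUINT unsigned
 * the product silently wraps; with CHECKED the same line is a signed
 * overflow that UBSan reports, which is what choosing SUINT over plain
 * unsigned is meant to keep detectable. */
static int16_t decode_coeff(int level, uint16_t quant, int Al)
{
    SUINT lvl = (SUINT)level;
    lvl = lvl * quant;
    lvl = lvl << Al;
    return wrap_int16((unsigned)lvl);
}

int main(void)
{
    /* Constructed inputs: one in range, one whose product exceeds 32 bits.
     * Build with `cc -DCHECKED -fsanitize=undefined` to see the report. */
    printf("checked build: %d\n", suint_is_checked());
    printf("in range:  %d\n", decode_coeff(-3, 16, 1));      /* -96 */
    printf("overflows: %d\n", decode_coeff(2047, 65535, 10)); /* 1024 */
    return 0;
}
```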

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel