On Sun, 26 Mar 2017 18:11:01 +0200 Michael Niedermayer <mich...@niedermayer.cc> wrote:
> Fixes: 943/clusterfuzz-testcase-5114865297391616 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > --- > libavcodec/mjpegdec.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c > index f26e8a3f9a..e08b045fe7 100644 > --- a/libavcodec/mjpegdec.c > +++ b/libavcodec/mjpegdec.c > @@ -757,7 +757,8 @@ static int decode_block_progressive(MJpegDecodeContext > *s, int16_t *block, > uint16_t *quant_matrix, > int ss, int se, int Al, int *EOBRUN) > { > - int code, i, j, level, val, run; > + int code, i, j, val, run; > + SUINT level; > > if (*EOBRUN) { > (*EOBRUN)--;

Please make the type either signed or unsigned. Making it both (depending on the debug level) just to make the fuzzer happy (or something more complicated than that?) isn't a good idea. You probably want to make it always unsigned?
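
Review bot: The new `SUINT level;` declaration in decode_block_progressive() changes the type for every use of `level` in the function, but neither the hunk nor the commit message says which expression triggered the fuzzer report or what kind of failure it was; the message gives only the testcase id. Please name the offending operation in the commit message, and consider either a one-line comment at the declaration or keeping `int level` and casting at that single expression, so the reason for the non-`int` type is visible in the code.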