PR #21273 opened by michaelni URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/21273 Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/21273.patch
Fixes: shift exponent -1 is negative Fixes: 429330004/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_DEC_fuzzer-4733213845291008 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]> >From 4b7bf41ff0d77bccad4ffea7f4dfbc438bcfbc14 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer <[email protected]> Date: Mon, 22 Dec 2025 23:17:24 +0100 Subject: [PATCH] avcodec/jpeg2000dec: Make M_b check broader Fixes: shift exponent -1 is negative Fixes: 429330004/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_DEC_fuzzer-4733213845291008 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]> --- libavcodec/jpeg2000dec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c index de1a73b92b..276c0a6e43 100644 --- a/libavcodec/jpeg2000dec.c +++ b/libavcodec/jpeg2000dec.c @@ -2270,8 +2270,8 @@ static inline int tile_codeblocks(const Jpeg2000DecoderContext *s, Jpeg2000Tile band->coord[1][0] == band->coord[1][1]) continue; - if ((codsty->cblk_style & JPEG2000_CTSY_HTJ2K_F) && M_b >= 31) { - avpriv_request_sample(s->avctx, "JPEG2000_CTSY_HTJ2K_F and M_b >= 31"); + if (M_b >= 31) { + avpriv_request_sample(s->avctx, "M_b >= 31"); return AVERROR_PATCHWELCOME; } -- 2.49.1 _______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
