This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch master in repository ffmpeg.
commit 84903636349226f6eabda2cb609c73ba73bc67d5 Author: Osamu Watanabe <[email protected]> AuthorDate: Mon Mar 16 13:43:42 2026 +0900 Commit: cae <[email protected]> CommitDate: Fri Mar 27 13:56:00 2026 +0000 avcodec/jpeg2000: Fix undefined behavior on ROI shift-up --- libavcodec/jpeg2000htdec.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/libavcodec/jpeg2000htdec.c b/libavcodec/jpeg2000htdec.c index 9fc269306d..14ecd9814c 100644 --- a/libavcodec/jpeg2000htdec.c +++ b/libavcodec/jpeg2000htdec.c @@ -1334,8 +1334,19 @@ ff_jpeg2000_decode_htj2k(const Jpeg2000DecoderContext *s, Jpeg2000CodingStyle *c sign = val & INT32_MIN; val &= INT32_MAX; /* ROI shift, if necessary */ - if (roi_shift && (((uint32_t)val & ~mask) == 0)) - val <<= roi_shift; + if (roi_shift && (((uint32_t)val & ~mask) == 0)) { + if ((32 - ff_clz(val | 1)) < roi_shift) + // Assuming that the internal precision for codeblock decoding is 32 bits. + val <<= roi_shift; + else { + av_log(s->avctx, AV_LOG_ERROR, + "Pixel precision in ROI is beyond the supported range.\n" + ); + ret = AVERROR_PATCHWELCOME; + goto free; + } + + } t1->data[n] = val | sign; /* NOTE: Binary point for reconstruction value is located in 31 - M_b */ } } _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
