diff options
| author | Janne Grunau <janne-vlc@jannau.net> | 2018-11-09 20:13:38 +0300 |
|---|---|---|
| committer | Janne Grunau <janne-vlc@jannau.net> | 2018-11-09 20:33:38 +0300 |
| commit | d253401a59bf27e9a015c23a1aaf45b36f25d8e3 (patch) | |
| tree | 5e595796d8c03644a974952404bdf32bd1f2e006 | |
| parent | 4d3b6c153ba787adacabaa5e0e3b6e229b144c5a (diff) | |
frame-mt: do not derive_warpmv intrabc blocks
Fixes an use-of-uninitialized-value in decode_b() with
clusterfuzz-testcase-minimized-dav1d_fuzzer_mt-5674585370918912. Credits
to oss-fuzz.
| -rw-r--r-- | src/decode.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/decode.c b/src/decode.c index 9ba0fc9..ad5f7b5 100644 --- a/src/decode.c +++ b/src/decode.c @@ -727,7 +727,9 @@ static int decode_b(Dav1dTileContext *const t, #undef set_ctx } } else { - if (b->comp_type == COMP_INTER_NONE && b->motion_mode == MM_WARP) { + if (f->frame_hdr.frame_type & 1 /* not intrabc */ && + b->comp_type == COMP_INTER_NONE && b->motion_mode == MM_WARP) + { uint64_t mask[2] = { 0, 0 }; find_matching_ref(t, intra_edge_flags, bw4, bh4, w4, h4, have_left, have_top, b->ref[0], mask); |