opj_t1_decode_cblk(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2487. Credit to OSS Fuzz

This commit is contained in:
Even Rouault 2017-07-29 16:34:35 +02:00
parent f6551f822f
commit db9ef99f6d
1 changed files with 12 additions and 0 deletions


@ -1822,6 +1822,18 @@ static OPJ_BOOL opj_t1_decode_cblk(opj_t1_t *t1,
}
bpno_plus_one = (OPJ_INT32)(roishift + cblk->numbps);
if (bpno_plus_one >= 31) {
if (p_manager_mutex) {
opj_mutex_lock(p_manager_mutex);
}
opj_event_msg(p_manager, EVT_WARNING,
"opj_t1_decode_cblk(): unsupported bpno_plus_one = %d >= 31\n",
bpno_plus_one);
if (p_manager_mutex) {
opj_mutex_unlock(p_manager_mutex);
}
return OPJ_FALSE;
}
passtype = 2;
opj_mqc_resetstates(mqc);
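Review bot: The new guard only rejects the high side of the range; `bpno_plus_one` is produced by an `(OPJ_INT32)` cast of `roishift + cblk->numbps`, and if that sum is unsigned and exceeds INT32_MAX (the operand types are not visible in the hunk) the cast yields a negative value that passes `>= 31` and, presumably, still reaches the shift the commit title is trying to protect — a negative shift count is undefined as well. Both operands look codestream-derived, so a fuzzer can plausibly drive the sum that high; I would widen the check to `if (bpno_plus_one < 0 || bpno_plus_one >= 31) {` and mention both bounds in the warning text, e.g. `"opj_t1_decode_cblk(): unsupported bpno_plus_one = %d (must be in [0, 30])\n"`. A short comment above the check would also help the next reader, e.g. `/* bpno_plus_one is used as a shift count on a 32-bit signed value: 1 << 31 is UB */`. Note that opj_t1_decode_cblk begins before and continues after this hunk, so the shift itself is outside what is shown here.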