avcodec/mjpegdec: Clip DC also on the negative side.

Fixes: runtime error: signed integer overflow: -16711425 + -2130772346 cannot be represented in type 'int' Fixes: 2533/clusterfuzz-testcase-minimized-5372857678823424 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c28f648b19dd36ff9bc869ad527a1569a0b623e2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-07-12 16:24:18 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-07-19 03:48:00 +0200
commit: 9a2ca3cce2cfb74ffdf9fc27405aac24e042df96 (patch)
tree: a4aa5a4707cb6c8f5e767bbb1785831bd231913b
parent: f1143f5dc0e2c65173b102a8cc097b3606bea3d9 (diff)
download: ffmpeg-9a2ca3cce2cfb74ffdf9fc27405aac24e042df96.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
index 3b9e47f47e..9a37b3251c 100644
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@@ -687,7 +687,7 @@ static int decode_block(MJpegDecodeContext *s, int16_t *block, int component,
         return AVERROR_INVALIDDATA;
     }
     val = val * quant_matrix[0] + s->last_dc[component];
-    val = FFMIN(val, 32767);
+    val = av_clip_int16(val);
     s->last_dc[component] = val;
     block[0] = val;
     /* AC coefs */
author	Michael Niedermayer <michael@niedermayer.cc>	2017-07-12 16:24:18 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-07-19 03:48:00 +0200
commit	9a2ca3cce2cfb74ffdf9fc27405aac24e042df96 (patch)
tree	a4aa5a4707cb6c8f5e767bbb1785831bd231913b
parent	f1143f5dc0e2c65173b102a8cc097b3606bea3d9 (diff)
download	ffmpeg-9a2ca3cce2cfb74ffdf9fc27405aac24e042df96.tar.gz