avcodec/mpeg_er: Clear mcsel in mpeg_er_decode_mb()

Fixes out of array read Should fix: 3516/clusterfuzz-testcase-minimized-4608518562775040 (not reprodoceable) Found-by: Insu Yun, Georgia Tech. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 127a362630e11fe724e2e63fc871791fdcbcfa64) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-10-09 00:32:30 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-10-26 17:34:42 +0200
commit: aa6c44c33399a8dd5799dc57d18e0f8235b17f86 (patch)
tree: 8dbebcfaec89e95c3cdba9137747c8a6ee552df1
parent: 0009272f943af76c8bad7c676ce4e9c41c4ac042 (diff)
download: ffmpeg-aa6c44c33399a8dd5799dc57d18e0f8235b17f86.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/libavcodec/mpeg_er.c b/libavcodec/mpeg_er.c
index ee8b2a5e7b..0c5c44cf4f 100644
--- a/libavcodec/mpeg_er.c
+++ b/libavcodec/mpeg_er.c
@@ -71,6 +71,7 @@ static void mpeg_er_decode_mb(void *opaque, int ref, int mv_dir, int mv_type,
     s->mb_skipped = mb_skipped;
     s->mb_x       = mb_x;
     s->mb_y       = mb_y;
+    s->mcsel      = 0;
     memcpy(s->mv, mv, sizeof(*mv));
 
     ff_init_block_index(s);
author	Michael Niedermayer <michael@niedermayer.cc>	2017-10-09 00:32:30 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-10-26 17:34:42 +0200
commit	aa6c44c33399a8dd5799dc57d18e0f8235b17f86 (patch)
tree	8dbebcfaec89e95c3cdba9137747c8a6ee552df1
parent	0009272f943af76c8bad7c676ce4e9c41c4ac042 (diff)
download	ffmpeg-aa6c44c33399a8dd5799dc57d18e0f8235b17f86.tar.gz