avcodec/mjpegdec: Clip DC also on the negative side.

Fixes: runtime error: signed integer overflow: -16711425 + -2130772346 cannot be represented in type 'int' Fixes: 2533/clusterfuzz-testcase-minimized-5372857678823424 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c28f648b19dd36ff9bc869ad527a1569a0b623e2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-07-12 16:24:18 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-07-19 03:48:01 +0200
commit: a84ed3d01137ecfb31d3283f1a8bc9673468f188 (patch)
tree: 4920a766216bff31f1d8cb9176f1f72ae379a1c4
parent: 080d6de9dfc12107e3f2feb15925b6b3710d2ee6 (diff)
download: ffmpeg-a84ed3d01137ecfb31d3283f1a8bc9673468f188.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
index b51ebf450c..f6011c76f9 100644
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@@ -687,7 +687,7 @@ static int decode_block(MJpegDecodeContext *s, int16_t *block, int component,
         return AVERROR_INVALIDDATA;
     }
     val = val * quant_matrix[0] + s->last_dc[component];
-    val = FFMIN(val, 32767);
+    val = av_clip_int16(val);
     s->last_dc[component] = val;
     block[0] = val;
     /* AC coefs */
author	Michael Niedermayer <michael@niedermayer.cc>	2017-07-12 16:24:18 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-07-19 03:48:01 +0200
commit	a84ed3d01137ecfb31d3283f1a8bc9673468f188 (patch)
tree	4920a766216bff31f1d8cb9176f1f72ae379a1c4
parent	080d6de9dfc12107e3f2feb15925b6b3710d2ee6 (diff)
download	ffmpeg-a84ed3d01137ecfb31d3283f1a8bc9673468f188.tar.gz