avcodec/mjpegdec: Clip DC also on the negative side.

Fixes: runtime error: signed integer overflow: -16711425 + -2130772346 cannot be represented in type 'int' Fixes: 2533/clusterfuzz-testcase-minimized-5372857678823424 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c28f648b19dd36ff9bc869ad527a1569a0b623e2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-07-12 16:24:18 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-07-19 03:47:59 +0200
commit: fa427bdb59994537a84d3086f262e084c4923ef7 (patch)
tree: c6640b9a198a1dadd193eba67fffcb4ba2c7787b
parent: 1268784d9f6c480ba26c191d07069d90099bead7 (diff)
download: ffmpeg-fa427bdb59994537a84d3086f262e084c4923ef7.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
index d78db06e26..ee16ccc9fc 100644
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@@ -693,7 +693,7 @@ static int decode_block(MJpegDecodeContext *s, int16_t *block, int component,
         return AVERROR_INVALIDDATA;
     }
     val = val * quant_matrix[0] + s->last_dc[component];
-    val = FFMIN(val, 32767);
+    val = av_clip_int16(val);
     s->last_dc[component] = val;
     block[0] = val;
     /* AC coefs */
author	Michael Niedermayer <michael@niedermayer.cc>	2017-07-12 16:24:18 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-07-19 03:47:59 +0200
commit	fa427bdb59994537a84d3086f262e084c4923ef7 (patch)
tree	c6640b9a198a1dadd193eba67fffcb4ba2c7787b
parent	1268784d9f6c480ba26c191d07069d90099bead7 (diff)
download	ffmpeg-fa427bdb59994537a84d3086f262e084c4923ef7.tar.gz