aboutsummaryrefslogtreecommitdiffstats
path: root/libavcodec
diff options
context:
space:
mode:
authorMichael Niedermayer <michael@niedermayer.cc>2017-10-09 00:32:30 +0200
committerMichael Niedermayer <michael@niedermayer.cc>2017-10-13 12:59:47 +0200
commitb2c9771dd435fbce4f0a422bbdc16ecf7b243395 (patch)
tree6cb0b045935df5e570a3a9224dc8cab21405c74c /libavcodec
parent16b07d59de97998779f4937c7793b20fbb217ffb (diff)
downloadffmpeg-b2c9771dd435fbce4f0a422bbdc16ecf7b243395.tar.gz
avcodec/mpeg_er: Clear mcsel in mpeg_er_decode_mb()
Fixes out of array read Should fix: 3516/clusterfuzz-testcase-minimized-4608518562775040 (not reprodoceable) Found-by: Insu Yun, Georgia Tech. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 127a362630e11fe724e2e63fc871791fdcbcfa64) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Diffstat (limited to 'libavcodec')
-rw-r--r--libavcodec/mpeg_er.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/libavcodec/mpeg_er.c b/libavcodec/mpeg_er.c
index dd87ae9cc9..9bd269c440 100644
--- a/libavcodec/mpeg_er.c
+++ b/libavcodec/mpeg_er.c
@@ -71,6 +71,7 @@ static void mpeg_er_decode_mb(void *opaque, int ref, int mv_dir, int mv_type,
s->mb_skipped = mb_skipped;
s->mb_x = mb_x;
s->mb_y = mb_y;
+ s->mcsel = 0;
memcpy(s->mv, mv, sizeof(*mv));
ff_init_block_index(s);