ref: c627f16f5ae671c4583b6c85006ce648224814e3
parent: 86fd0b6d49df84cae72b3eef840e33c863df085c
author: Ronald S. Bultje <[email protected]>
date: Tue Nov 20 03:28:17 EST 2018
Don't set LR coefficient defaults at image edges. These edges don't encode LR coefficients anyway. Fixes clusterfuzz-testcase-minimized-dav1d_fuzzer-5731769337249792. Credits to oss-fuzz.
--- a/src/decode.c
+++ b/src/decode.c
@@ -2250,7 +2250,9 @@
const int x = ((4 * ts->tiling.col_start * d >> ss_hor) + rnd) >> shift;
const int px_x = x << (unit_size_log2 + ss_hor);
const int u_idx = unit_idx + ((px_x & 64) >> 6);
- ts->lr_ref[p] = &f->lf.lr_mask[sb_idx + (px_x >> 7)].lr[p][u_idx];
+ const int sb128x = px_x >> 7;
+ if (sb128x >= f->sr_sb128w) continue;
+ ts->lr_ref[p] = &f->lf.lr_mask[sb_idx + sb128x].lr[p][u_idx];
} else {
ts->lr_ref[p] = &f->lf.lr_mask[sb_idx].lr[p][unit_idx];
}
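Review bot: The added `continue` leaves `ts->lr_ref[p]` holding whatever it held before for a plane whose 128x128 block lies past `f->sr_sb128w`, so any later reader of that entry for this tile would follow a stale pointer; the commit message argues that such edge blocks never code LR coefficients, but nothing in the hunk records that invariant next to the guard. A one-line comment would tie the check to its justification, e.g. `/* past the superres-scaled frame width: no LR coefficients are coded here, so lr_ref[p] is never read for this plane */`. The guard also compares only `sb128x` against `f->sr_sb128w`, while the index actually dereferenced is `sb_idx + sb128x`; if `sb_idx` is the row base and the column offset lives entirely in `sb128x` this is sufficient, but `sb_idx` is computed outside the hunk, so that is inferred rather than visible. The enclosing loop over `p` and the surrounding function start outside the hunk.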