shithub: dav1d


ref: d253401a59bf27e9a015c23a1aaf45b36f25d8e3
parent: 4d3b6c153ba787adacabaa5e0e3b6e229b144c5a
author: Janne Grunau <[email protected]>
date: Fri Nov 9 13:13:38 EST 2018

frame-mt: do not derive_warpmv intrabc blocks

Fixes a use-of-uninitialized-value in decode_b() with
clusterfuzz-testcase-minimized-dav1d_fuzzer_mt-5674585370918912. Credits
to oss-fuzz.

--- a/src/decode.c
+++ b/src/decode.c
@@ -727,7 +727,9 @@
 #undef set_ctx
             }
         } else {
-            if (b->comp_type == COMP_INTER_NONE && b->motion_mode == MM_WARP) {
+            if (f->frame_hdr.frame_type & 1 /* not intrabc */ &&
+                b->comp_type == COMP_INTER_NONE && b->motion_mode == MM_WARP)
+            {
                 uint64_t mask[2] = { 0, 0 };
                 find_matching_ref(t, intra_edge_flags, bw4, bh4, w4, h4,
                                   have_left, have_top, b->ref[0], mask);
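Review bot: The added frame-type test in this `if` protects the reads of `b->comp_type` and `b->motion_mode` only because `&&` short-circuits, and nothing in the code says that the operand order is load-bearing; the `/* not intrabc */` remark names the consequence rather than what `frame_type & 1` actually tests. I would put a comment above the condition along the lines of `/* frame_type & 1 selects inter frames; keep it first so the block's inter-only fields are not read for intrabc blocks */`, so a later reordering does not bring the uninitialized read back. The literal `1` presumably relies on the numbering of the frame-type enum, which is not visible in this hunk; if so, a named predicate would be more robust than the bare bit test. Because this path decodes untrusted bitstreams, it is also worth checking whether other readers of these fields in the frame-threading pass need the same guard, or whether the fields can be given defined values when an intrabc block is parsed. The enclosing function starts and ends outside the hunk.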