libde265

Integer-overflow · residual_coding

Open • dlemstra opened this issue 2 years ago • 0 comments

The https://github.com/ImageMagick project is using the oss-fuzz tooling of Google, and with the attached file there is an integer overflow in residual_coding. I suspect that this is caused by returning a negative value in decode_coeff_abs_level_remaining.

https://github.com/strukturag/libde265/blob/e587ef6e8000662b91c35ccb866c2374d3a40e27/libde265/slice.cc#L3369

Test file: test.zip

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48430

dlemstra, Jul 02 '22 19:07