ref: 8b8e9fe85f6875a86ed66726e8964450a318cdc6
parent: b3291ede922d27a20d06c323c1b6b7febc269d6b
author: Janne Grunau <janne-vlc@jannau.net>
date: Fri Nov 9 14:57:08 EST 2018
lf mask: calculate vertical mask correctly Fixes an error introduced in 22d3b6d9807 (!294). Fixes an use of uninitialized value in loop_filter_v_sb128y_c with clusterfuzz-testcase-minimized-dav1d_fuzzer-5682084585144320. The original sample in 22d3b6d9807 clusterfuzz-testcase-minimized-dav1d_fuzzer-5691087507685376 shows no regression. Credits to oss-fuzz.
--- a/src/lf_apply_tmpl.c
+++ b/src/lf_apply_tmpl.c
@@ -235,7 +235,7 @@
x < f->sb128w; x++, a++)
{uint16_t (*const y_vmask)[2] = lflvl[x].filter_y[1][starty4];
- const unsigned w = imin(32, (f->w4 >> sbl2) - x);
+ const unsigned w = imin(32, f->w4 - (x << 5));
for (unsigned mask = 1, i = 0; i < w; mask <<= 1, i++) {const int sidx = mask >= 0x10000U;
const unsigned smask = mask >> (sidx << 4);