pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18979

author: Even Rouault <even.rouault@spatialys.com> 2019-11-17 01:18:26 +0100
committer: Even Rouault <even.rouault@spatialys.com> 2019-11-17 01:18:26 +0100
commit: 4cb1f663049aab96e122d1ff16f601d0cc0be976 (patch)
tree: 613301fcf6c159089f8e173103fbde162e5a66b8 /src/lib/openjp2/pi.h
parent: 5875a6b44618fb7dfd5cd6d742533eaee2014060 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/openjp2/pi.h b/src/lib/openjp2/pi.h
index 8c0dc25c..87380208 100644
--- a/src/lib/openjp2/pi.h
+++ b/src/lib/openjp2/pi.h
@@ -102,9 +102,9 @@ typedef struct opj_pi_iterator {
     /** Components*/
     opj_pi_comp_t *comps;
     /** FIXME DOC*/
-    OPJ_INT32 tx0, ty0, tx1, ty1;
+    OPJ_UINT32 tx0, ty0, tx1, ty1;
     /** FIXME DOC*/
-    OPJ_INT32 x, y;
+    OPJ_UINT32 x, y;
     /** FIXME DOC*/
     OPJ_UINT32 dx, dy;
 } opj_pi_iterator_t;
author	Even Rouault <even.rouault@spatialys.com>	2019-11-17 01:18:26 +0100
committer	Even Rouault <even.rouault@spatialys.com>	2019-11-17 01:18:26 +0100
commit	4cb1f663049aab96e122d1ff16f601d0cc0be976 (patch)
tree	613301fcf6c159089f8e173103fbde162e5a66b8 /src/lib/openjp2/pi.h
parent	5875a6b44618fb7dfd5cd6d742533eaee2014060 (diff)