commit 8db8824536f01dd4ccb29f68a645b99f63bb267f
author qwu16 <qiujiao.wu@intel.com> Tue Sep 26 06:23:52 2023
committer WebRTC LUCI CQ <webrtc-scoped@luci-project-accounts.iam.gserviceaccount.com> Tue Oct 03 14:17:06 2023
tree f522665e0900aaa02ebe7c71bcbda414d35feec7
parent 40ed3ff07e1f370c6452789895c77fe5be58e292

Fix use-of-uninitialized-value and integer-overflow issues reported by chromium fuzz testing

Bug: chromium:1485906,chromium:1486414
Change-Id: Ia976926fb08405c1cb03bbcfde07d2076bd6f4c2
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/321545
Reviewed-by: Erik Språng <sprang@google.com>
Reviewed-by: Sergey Silkin <ssilkin@webrtc.org>
Commit-Queue: Sergey Silkin <ssilkin@webrtc.org>
Reviewed-by: Erik Språng <sprang@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#40861}

common_video/h265/h265_bitstream_parser.cc

diff --git a/common_video/h265/h265_bitstream_parser.cc b/common_video/h265/h265_bitstream_parser.cc
index ee77166..1093add 100644
--- a/common_video/h265/h265_bitstream_parser.cc
+++ b/common_video/h265/h265_bitstream_parser.cc
@@ -138,8 +138,7 @@
       slice_reader.ConsumeBits(1);
     }
     // slice_type: ue(v)
-    uint32_t slice_type = 0;
-    slice_type = slice_reader.ReadExponentialGolomb();
+    uint32_t slice_type = slice_reader.ReadExponentialGolomb();
     IN_RANGE_OR_RETURN(slice_type, 0, 2);
     if (pps->output_flag_present_flag) {
       // pic_output_flag: u(1)
@@ -274,7 +273,7 @@
       }
 
       uint32_t num_pic_total_curr = 0;
-      uint32_t curr_sps_idx;
+      uint32_t curr_sps_idx = 0;
       if (short_term_ref_pic_set_sps_flag) {
         curr_sps_idx = short_term_ref_pic_set_idx;
       } else {