Fix unsigned int overflow reported by UBSan (#759)

diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
index af6b53f5c9e97a6e7c81aae0472036ca7ffdf9af..d590046f335d156e133a9772574c826428a06a0b 100644 (file)
--- a/src/lib/openjp2/tcd.c
+++ b/src/lib/openjp2/tcd.c
@@ -778,7 +778,7 @@ static INLINE OPJ_BOOL opj_tcd_init_tile(opj_tcd_t *p_tcd, OPJ_UINT32 p_tile_no,
                        l_tilec->resolutions_size = l_data_size;
                }
                
-               l_level_no = l_tilec->numresolutions - 1;
+               l_level_no = l_tilec->numresolutions;
                l_res = l_tilec->resolutions;
                l_step_size = l_tccp->stepsizes;
                if (l_tccp->qmfbid == 0) {
@@ -795,6 +795,8 @@ static INLINE OPJ_BOOL opj_tcd_init_tile(opj_tcd_t *p_tcd, OPJ_UINT32 p_tile_no,
                        OPJ_UINT32 cbgwidthexpn, cbgheightexpn;
                        OPJ_UINT32 cblkwidthexpn, cblkheightexpn;
                        
+                       --l_level_no;
+                       
                        /* border for each resolution level (global) */
                        l_res->x0 = opj_int_ceildivpow2(l_tilec->x0, (OPJ_INT32)l_level_no);
                        l_res->y0 = opj_int_ceildivpow2(l_tilec->y0, (OPJ_INT32)l_level_no);
@@ -1024,7 +1026,6 @@ static INLINE OPJ_BOOL opj_tcd_init_tile(opj_tcd_t *p_tcd, OPJ_UINT32 p_tile_no,
                                ++l_step_size;
                        } /* bandno */
                        ++l_res;
-                       --l_level_no;
                } /* resno */
                ++l_tccp;
                ++l_tilec;