[FFmpeg-cvslog] avcodec/ac3dec: Fix shift signedness in mask creation

Michael Niedermayer git at videolan.org
Sun Oct 7 23:59:06 EEST 2018


ffmpeg | branch: release/4.0 | Michael Niedermayer <michael at niedermayer.cc> | Fri Sep 21 02:36:50 2018 +0200| [d7973cf03d07d002b3ded68b5358f4239c7e0de1] | committer: Michael Niedermayer

avcodec/ac3dec: Fix shift signedness in mask creation

Fixes: 9924/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EAC3_fuzzer-5473421772193792
Fixes: left shift of 1 by 63 places cannot be represented in type 'long long'

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 148a21611d856609fc034147f4a27cfdb6d90ff4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d7973cf03d07d002b3ded68b5358f4239c7e0de1
---

 libavcodec/ac3dec.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/ac3dec.c b/libavcodec/ac3dec.c
index eed8ce5b39..43b22b7654 100644
--- a/libavcodec/ac3dec.c
+++ b/libavcodec/ac3dec.c
@@ -1708,9 +1708,9 @@ dependent_frame:
                     int i;
 
                     for (i = 0; i < 64; i++) {
-                        if ((1LL << i) & ff_eac3_custom_channel_map_locations[ch][1]) {
+                        if ((1ULL << i) & ff_eac3_custom_channel_map_locations[ch][1]) {
                             int index = av_get_channel_layout_channel_index(channel_layout,
-                                                                            1LL << i);
+                                                                            1ULL << i);
                             if (index < 0)
                                 return AVERROR_INVALIDDATA;
                             if (extend >= channel_map_size)



More information about the ffmpeg-cvslog mailing list