[FFmpeg-cvslog] avcodec/wavarc: Avoid signed integer overflow in sample
Michael Niedermayer
git at videolan.org
Wed Mar 27 00:24:20 EET 2024
ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Tue Mar 26 03:10:14 2024 +0100| [6009dd07bd2bde72f2e01723678c1994ecef035e] | committer: Michael Niedermayer
avcodec/wavarc: Avoid signed integer overflow in sample
Fixes: signed integer overflow: -2147483648 + -25122315 cannot be represented in type 'int'
Fixes: 62285/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVARC_fuzzer-6199806972198912
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6009dd07bd2bde72f2e01723678c1994ecef035e
---
libavcodec/wavarc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/wavarc.c b/libavcodec/wavarc.c
index 09ed4d473a..99cbaf0109 100644
--- a/libavcodec/wavarc.c
+++ b/libavcodec/wavarc.c
@@ -374,7 +374,7 @@ static int decode_2slp(AVCodecContext *avctx,
for (int o = 0; o < order; o++)
sum += s->filter[ch][o] * (unsigned)samples[n + 70 - o - 1];
- samples[n + 70] = get_srice(gb, k) + (sum >> 4);
+ samples[n + 70] = get_srice(gb, k) + (unsigned)(sum >> 4);
}
finished = 1;
break;
More information about the ffmpeg-cvslog
mailing list