[FFmpeg-devel] [PATCH 14/36] avcodec/mjpega_dump_header_bsf: Make code more robust wrt overflow

[Andreas Rheinhardt]

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
---
 libavcodec/mjpega_dump_header_bsf.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/libavcodec/mjpega_dump_header_bsf.c b/libavcodec/mjpega_dump_header_bsf.c
index ab68f9c3e9..40c4c690ab 100644
--- a/libavcodec/mjpega_dump_header_bsf.c
+++ b/libavcodec/mjpega_dump_header_bsf.c
@@ -42,7 +42,7 @@ static int mjpega_dump_header(AVBSFContext *ctx, AVPacket *out)
     if (ret < 0)
         return ret;
 
-    ret = av_new_packet(out, in->size + 44);
+    ret = av_new_packet(out, in->size + 44U);
     if (ret < 0)
         goto fail;
 
@@ -58,29 +58,29 @@ static int mjpega_dump_header(AVBSFContext *ctx, AVPacket *out)
     bytestream_put_be16(&out_buf, 42); /* size */
     bytestream_put_be32(&out_buf, 0);
     bytestream_put_buffer(&out_buf, "mjpg", 4);
-    bytestream_put_be32(&out_buf, in->size + 44); /* field size */
-    bytestream_put_be32(&out_buf, in->size + 44); /* pad field size */
+    bytestream_put_be32(&out_buf, in->size + 44U); /* field size */
+    bytestream_put_be32(&out_buf, in->size + 44U); /* pad field size */
     bytestream_put_be32(&out_buf, 0);             /* next ptr */
 
     for (i = 0; i < in->size - 1; i++) {
         if (in->data[i] == 0xff) {
             switch (in->data[i + 1]) {
-            case DQT:  dqt  = i + 46; break;
-            case DHT:  dht  = i + 46; break;
-            case SOF0: sof0 = i + 46; break;
+            case DQT:  dqt  = i + 46U; break;
+            case DHT:  dht  = i + 46U; break;
+            case SOF0: sof0 = i + 46U; break;
             case SOS:
                 bytestream_put_be32(&out_buf, dqt); /* quant off */
                 bytestream_put_be32(&out_buf, dht); /* huff off */
                 bytestream_put_be32(&out_buf, sof0); /* image off */
-                bytestream_put_be32(&out_buf, i + 46); /* scan off */
-                bytestream_put_be32(&out_buf, i + 46 + AV_RB16(in->data + i + 2)); /* data off */
+                bytestream_put_be32(&out_buf, i + 46U); /* scan off */
+                bytestream_put_be32(&out_buf, i + 46U + AV_RB16(in->data + i + 2)); /* data off */
                 bytestream_put_buffer(&out_buf, in->data + 2, in->size - 2); /* skip already written SOI */
 
                 out->size = out_buf - out->data;
                 av_packet_free(&in);
                 return 0;
             case APP1:
-                if (i + 8 < in->size && AV_RL32(in->data + i + 8) == AV_RL32("mjpg")) {
+                if (i + 8U < in->size && AV_RL32(in->data + i + 8) == AV_RL32("mjpg")) {
                     av_log(ctx, AV_LOG_ERROR, "bitstream already formatted\n");
                     av_packet_unref(out);
                     av_packet_move_ref(out, in);
-- 
2.20.1