[FFmpeg-devel] [PATCH 2/4] avcodec/flacdsp_template: Fix invalid shifts in decorrelate

[Michael Niedermayer]

Fixes: left shift of negative value -2
Fixes: 20303/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5096829297623040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
 libavcodec/flacdsp_template.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/libavcodec/flacdsp_template.c b/libavcodec/flacdsp_template.c
index 776c78da71..892418cddc 100644
--- a/libavcodec/flacdsp_template.c
+++ b/libavcodec/flacdsp_template.c
@@ -66,8 +66,8 @@ static void FUNC(flac_decorrelate_ls_c)(uint8_t **out, int32_t **in,
     int i;
 
     for (i = 0; i < len; i++) {
-        int a = in[0][i];
-        int b = in[1][i];
+        unsigned a = in[0][i];
+        unsigned b = in[1][i];
         S(samples, 0, i) =  a      << shift;
         S(samples, 1, i) = (a - b) << shift;
     }
@@ -80,8 +80,8 @@ static void FUNC(flac_decorrelate_rs_c)(uint8_t **out, int32_t **in,
     int i;
 
     for (i = 0; i < len; i++) {
-        int a = in[0][i];
-        int b = in[1][i];
+        unsigned a = in[0][i];
+        unsigned b = in[1][i];
         S(samples, 0, i) = (a + b) << shift;
         S(samples, 1, i) =  b      << shift;
     }
@@ -94,7 +94,7 @@ static void FUNC(flac_decorrelate_ms_c)(uint8_t **out, int32_t **in,
     int i;
 
     for (i = 0; i < len; i++) {
-        int a = in[0][i];
+        unsigned a = in[0][i];
         int b = in[1][i];
         a -= b >> 1;
         S(samples, 0, i) = (a + b) << shift;
-- 
2.17.1