Chiebot-Mirror
/
FFmpeg
mirror of https://github.com/FFmpeg/FFmpeg.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

avcodec/svq3: Fix multiple runtime error: signed integer overflow: 44161 * 61694 cannot be represented in type 'int'

Browse Source 
Fixes: 1382/clusterfuzz-testcase-minimized-6013445293998080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
pull/202/merge
Michael Niedermayer 8 years ago
parent 1121d92707
commit 669419939c
1 changed files with 5 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      libavcodec/svq3.c

10
libavcodec/svq3.c
Unescape View File

@ -223,7 +223,7 @@ static int svq3_decode_end(AVCodecContext *avctx);
static void svq3_luma_dc_dequant_idct_c(int16_t *output, int16_t *input, int qp)
{
const int qmul = svq3_dequant_coeff[qp];
const unsigned qmul = svq3_dequant_coeff[qp];
#define stride 16
int i;
int temp[16];
@ -248,10 +248,10 @@ static void svq3_luma_dc_dequant_idct_c(int16_t *output, int16_t *input, int qp)
const int z2 = 7 * temp[4 * 1 + i] - 17 * temp[4 * 3 + i];
const int z3 = 17 * temp[4 * 1 + i] + 7 * temp[4 * 3 + i];
output[stride * 0 + offset] = (z0 + z3) * qmul + 0x80000 >> 20;
output[stride * 2 + offset] = (z1 + z2) * qmul + 0x80000 >> 20;
output[stride * 8 + offset] = (z1 - z2) * qmul + 0x80000 >> 20;
output[stride * 10 + offset] = (z0 - z3) * qmul + 0x80000 >> 20;
output[stride * 0 + offset] = (int)((z0 + z3) * qmul + 0x80000) >> 20;
output[stride * 2 + offset] = (int)((z1 + z2) * qmul + 0x80000) >> 20;
output[stride * 8 + offset] = (int)((z1 - z2) * qmul + 0x80000) >> 20;
output[stride * 10 + offset] = (int)((z0 - z3) * qmul + 0x80000) >> 20;
}
}
#undef stride

Write Preview
Loading…
Cancel
Save