avcodec/hq_hqa: Fix: runtime error: signed integer overflow: -255 * 10180917 cannot...
authorMichael Niedermayer <michael@niedermayer.cc>
Tue, 16 May 2017 21:44:24 +0000 (23:44 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Tue, 16 May 2017 21:45:01 +0000 (23:45 +0200)
Fixes: 1626/clusterfuzz-testcase-minimized-6416580571299840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/hq_hqa.c

index 80dc6b5..f88ad7d 100644 (file)
@@ -83,7 +83,7 @@ static int hq_decode_block(HQContext *c, GetBitContext *gb, int16_t block[64],
         pos += ff_hq_ac_skips[val];
         if (pos >= 64)
             break;
-        block[ff_zigzag_direct[pos]] = (ff_hq_ac_syms[val] * q[pos]) >> 12;
+        block[ff_zigzag_direct[pos]] = (int)(ff_hq_ac_syms[val] * (unsigned)q[pos]) >> 12;
         pos++;
     }