avcodec/h264_slice: Fix overflow in recovery_frame computation
authorMichael Niedermayer <michael@niedermayer.cc>
Fri, 8 Jun 2018 17:07:22 +0000 (19:07 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Fri, 15 Jun 2018 20:31:13 +0000 (22:31 +0200)
commite42ab0115e245d226fa592c9bed82fe7f9b0cf22
tree34f8db9dfab5d77b0c5aca561ea48328878e2edf
parent10f68641ae15ed0c1ea819b5970bfe4b166cd77c
avcodec/h264_slice: Fix overflow in recovery_frame computation

Fixes: signed integer overflow: 15 + 2147483646 cannot be represented in type 'int'
Fixes: 8381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6225533137321984

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8c20ea8ee0f3f0b27aca0204c6dfaa4ac137e34e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/h264_sei.c