avcodec/hq_hqa: Fix: runtime error: signed integer overflow: -255 * 10180917 cannot...
authorMichael Niedermayer <michael@niedermayer.cc>
Tue, 16 May 2017 21:44:24 +0000 (23:44 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Sat, 20 May 2017 01:41:34 +0000 (03:41 +0200)
Fixes: 1626/clusterfuzz-testcase-minimized-6416580571299840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3d9cb583c8f005a260d255853ef5f1c21e8599a0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/hq_hqa.c

index b5113f3..d184647 100644 (file)
@@ -82,7 +82,7 @@ static int hq_decode_block(HQContext *c, GetBitContext *gb, int16_t block[64],
         pos += ff_hq_ac_skips[val];
         if (pos >= 64)
             break;
-        block[ff_zigzag_direct[pos]] = (ff_hq_ac_syms[val] * q[pos]) >> 12;
+        block[ff_zigzag_direct[pos]] = (int)(ff_hq_ac_syms[val] * (unsigned)q[pos]) >> 12;
         pos++;
     }