[FFmpeg-cvslog] avcodec/lossless_audiodsp: Fix undefined overflows in scalarproduct_and_madd_int16_c()

Sun, 05 Jul 2020 10:52:06 -0700 

ffmpeg | branch: release/2.8 | Michael Niedermayer <mich...@niedermayer.cc> | 
Sun Jun  7 19:24:10 2020 +0200| [c11634ad7599d13e71c6e9053267051b4f14a3e6] | 
committer: Michael Niedermayer

avcodec/lossless_audiodsp: Fix undefined overflows in 
scalarproduct_and_madd_int16_c()

Fixes: signed integer overflow: 2142077091 + 6881070 cannot be represented in 
type 'int'
Fixes: 
22737/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5958388889681920

Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit c0dfe134beefde4070d43910518b1f4a58f01794)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c11634ad7599d13e71c6e9053267051b4f14a3e6
---

 libavcodec/lossless_audiodsp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/lossless_audiodsp.c b/libavcodec/lossless_audiodsp.c
index 32f4c9e856..74838415fe 100644
--- a/libavcodec/lossless_audiodsp.c
+++ b/libavcodec/lossless_audiodsp.c
@@ -27,7 +27,7 @@ static int32_t scalarproduct_and_madd_int16_c(int16_t *v1, 
const int16_t *v2,
                                               const int16_t *v3,
                                               int order, int mul)
 {
-    int res = 0;
+    unsigned res = 0;
 
     while (order--) {
         res   += *v1 * *v2++;

_______________________________________________
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog

To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".

Reply via email to