On Sat, Sep 21, 2019 at 03:47:00PM +0200, Nicolas George wrote:
> Michael Niedermayer (12019-09-06):
> > Fixes: signed integer overflow: 9223371075321077760 * 2 cannot be represented in type 'long'
> > Fixes: 16447/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5698937431785472
> > 
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> > ---
> >  libavcodec/ffwavesynth.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/libavcodec/ffwavesynth.c b/libavcodec/ffwavesynth.c
> > index cfd0951d8f..8079e34539 100644
> > --- a/libavcodec/ffwavesynth.c
> > +++ b/libavcodec/ffwavesynth.c
> > @@ -220,7 +220,7 @@ static void wavesynth_seek(struct wavesynth_context 
> > *ws, int64_t ts)
> >          int64_t pink_ts_cur  = (ws->cur_ts + PINK_UNIT - 1) & ~(PINK_UNIT 
> > - 1);
> >          int64_t pink_ts_next = ts & ~(PINK_UNIT - 1);
> >          int pos = ts & (PINK_UNIT - 1);
> > -        lcg_seek(&ws->pink_state, (pink_ts_next - pink_ts_cur) * 2);
> 
> > +        lcg_seek(&ws->pink_state, (pink_ts_next - pink_ts_cur) * 2ULL);
> 
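
Review bot: On the changed `lcg_seek(&ws->pink_state, ...)` line, the `2ULL` suffix only makes the multiplication unsigned; the subtraction `pink_ts_next - pink_ts_cur` is still evaluated in int64_t, and the 64-bit product is then converted implicitly to lcg_seek's parameter type, which this hunk does not show. If wraparound of the seek distance is intended, make that explicit by casting the difference to the unsigned type lcg_seek takes before multiplying, and add a one-line comment saying modular arithmetic is intended so the suffix is not later mistaken for a typo.
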
> Casting (pink_ts_next - pink_ts_cur) to uint32_t seems like a better
> idea.

will apply this suggested alternative

thanks


[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Many things microsoft did are stupid, but not doing something just because
microsoft did it is even more stupid. If everything ms did were stupid they
would be bankrupt already.
