[FFmpeg-cvslog] avcodec/cavsdec: Fix undefined behavior from integer overflow
Michael Niedermayer
git at videolan.org
Fri May 5 05:26:12 EEST 2017
ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Fri May 5 03:24:40 2017 +0200| [a0e5f7f363555d2befafb1c9e1579dbe0a2fbca7] | committer: Michael Niedermayer
avcodec/cavsdec: Fix undefined behavior from integer overflow
Fixes: 1335/clusterfuzz-testcase-minimized-5566961566089216
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a0e5f7f363555d2befafb1c9e1579dbe0a2fbca7
---
libavcodec/cavsdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/cavsdec.c b/libavcodec/cavsdec.c
index 6f4d6aca69..4d3d2d7c65 100644
--- a/libavcodec/cavsdec.c
+++ b/libavcodec/cavsdec.c
@@ -465,7 +465,7 @@ static inline void mv_pred_direct(AVSContext *h, cavs_vector *pmv_fw,
cavs_vector *col_mv)
{
cavs_vector *pmv_bw = pmv_fw + MV_BWD_OFFS;
- int den = h->direct_den[col_mv->ref];
+ unsigned den = h->direct_den[col_mv->ref];
int m = FF_SIGNBIT(col_mv->x);
pmv_fw->dist = h->dist[1];
More information about the ffmpeg-cvslog
mailing list