| Message ID | 20200609205505.23938-3-michael@niedermayer.cc |
|---|---|
| State | Accepted |
| Commit | aa88cdfd90f5da0683cd6556c75a5ba5740a1c27 |
| Headers | show |
| Series | [FFmpeg-devel,1/3] RELEASE: We are after the 4.3 branch point, update for that | expand |
| Context | Check | Description |
|---|---|---|
| andriy/default | pending | |
| andriy/make | success | Make finished |
| andriy/make_fate | success | Make fate finished |
On Tue, Jun 09, 2020 at 10:55:05PM +0200, Michael Niedermayer wrote: > Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' > Fixes: 22975/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LOCO_fuzzer-5658160970072064 > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/loco.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) will apply [...]
diff --git a/libavcodec/loco.c b/libavcodec/loco.c index e891d83ece..d0cedf577d 100644 --- a/libavcodec/loco.c +++ b/libavcodec/loco.c @@ -82,7 +82,7 @@ static inline void loco_update_rice_param(RICEContext *r, int val) static inline int loco_get_rice(RICEContext *r) { - int v; + unsigned v; if (r->run > 0) { /* we have zero run */ r->run--; loco_update_rice_param(r, 0);
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 22975/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LOCO_fuzzer-5658160970072064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/loco.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)