| Message ID | 20201114222628.6486-2-michael@niedermayer.cc |
|---|---|
| State | Accepted |
| Commit | 2eb641741766e98401f2a9d9a91c7afbdcb67d4b |
| Headers | show |
| Series | [FFmpeg-devel,1/4] avformat/iff: Check size before skip | expand |
| Context | Check | Description |
|---|---|---|
| andriy/x86_make | success | Make finished |
| andriy/x86_make_fate | success | Make fate finished |
diff --git a/libavcodec/mv30.c b/libavcodec/mv30.c index 9f28199478..59088d84f8 100644 --- a/libavcodec/mv30.c +++ b/libavcodec/mv30.c @@ -102,7 +102,7 @@ static void get_qtable(int16_t *table, int quant, const uint8_t *quant_tab) } } -static inline void idct_1d(int *blk, int step) +static inline void idct_1d(unsigned *blk, int step) { const unsigned t0 = blk[0 * step] + blk[4 * step]; const unsigned t1 = blk[0 * step] - blk[4 * step];
Fixes: signed integer overflow: 2110302399 + 39074947 cannot be represented in type 'int' Fixes: 27330/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MV30_fuzzer-5664923153334272 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/mv30.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)