@@ -268,9 +268,9 @@ static int rm_read_audio_stream_info(AVFormatContext *s, AVIOContext *pb,
case DEINT_ID_INT4:
if (ast->coded_framesize > ast->audio_framesize ||
sub_packet_h <= 1 ||
- ast->coded_framesize * (uint64_t)sub_packet_h > (2 + (sub_packet_h & 1)) * ast->audio_framesize)
+ ast->coded_framesize * (uint64_t)sub_packet_h > (2LL + (sub_packet_h & 1)) * ast->audio_framesize)
return AVERROR_INVALIDDATA;
- if (ast->coded_framesize * (uint64_t)sub_packet_h != 2*ast->audio_framesize) {
+ if (ast->coded_framesize * (uint64_t)sub_packet_h != 2LL*ast->audio_framesize) {
avpriv_request_sample(s, "mismatching interleaver parameters");
return AVERROR_INVALIDDATA;
}
It is not entirely clear what would prevent such overflow so even if it is not possible, it is better to use 64bit Fixes: CID1491898 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavformat/rmdec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)