avcodec/diracdec: Fix integer overflow in divide3()

Fixes: runtime error: signed integer overflow: -1073746548 * 21845 cannot be represented in type 'int' Fixes: 2729/clusterfuzz-testcase-minimized-5902915464069120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c0220c768c7fc933a76c863ebbb0abdf68a88533) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-07-27 23:49:27 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-07-29 14:23:24 +0200
commit: 934878f2a62f6744e44b1ef8085ffdfa6d4a5007 (patch)
tree: ebd9410061db2e6a724710f3976368321b600041
parent: 38d9a782a585f82e8ee543d8e806a6a282322e5c (diff)
download: ffmpeg-934878f2a62f6744e44b1ef8085ffdfa6d4a5007.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/diracdec.c b/libavcodec/diracdec.c
index 42ccbb5746..6ab3c5f7f4 100644
--- a/libavcodec/diracdec.c
+++ b/libavcodec/diracdec.c
@@ -249,7 +249,7 @@ enum dirac_subband {
 /* magic number division by 3 from schroedinger */
 static inline int divide3(int x)
 {
-    return ((x+1)*21845 + 10922) >> 16;
+    return (int)((x+1U)*21845 + 10922) >> 16;
 }
 
 static DiracFrame *remove_frame(DiracFrame *framelist[], int picnum)
author	Michael Niedermayer <michael@niedermayer.cc>	2017-07-27 23:49:27 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-07-29 14:23:24 +0200
commit	934878f2a62f6744e44b1ef8085ffdfa6d4a5007 (patch)
tree	ebd9410061db2e6a724710f3976368321b600041
parent	38d9a782a585f82e8ee543d8e806a6a282322e5c (diff)
download	ffmpeg-934878f2a62f6744e44b1ef8085ffdfa6d4a5007.tar.gz