diff options
author | Michael Niedermayer <michael@niedermayer.cc> | 2017-05-07 15:42:17 +0200 |
---|---|---|
committer | Michael Niedermayer <michael@niedermayer.cc> | 2017-05-07 19:32:33 +0200 |
commit | 0ac1c87194a67e6104a3d241a4dd1ca0808784bd (patch) | |
tree | 1c22e489f5a40513b0ca836dd047761d7992978e | |
parent | c04aa148824f4fb7f4b70830ad3ca7a6cba8ab79 (diff) | |
download | ffmpeg-0ac1c87194a67e6104a3d241a4dd1ca0808784bd.tar.gz |
avcodec/eamad: Fix runtime error: signed integer overflow: 49674 * 49858 cannot be represented in type 'int'
Fixes: 1394/clusterfuzz-testcase-minimized-6493376885030912
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-rw-r--r-- | libavcodec/eamad.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/eamad.c b/libavcodec/eamad.c index 23b1a3c944..753dee06c3 100644 --- a/libavcodec/eamad.c +++ b/libavcodec/eamad.c @@ -284,7 +284,7 @@ static int decode_frame(AVCodecContext *avctx, if (avctx->width != width || avctx->height != height) { av_frame_unref(s->last_frame); - if((width * height)/2048*7 > bytestream2_get_bytes_left(&gb)) + if((width * (int64_t)height)/2048*7 > bytestream2_get_bytes_left(&gb)) return AVERROR_INVALIDDATA; if ((ret = ff_set_dimensions(avctx, width, height)) < 0) return ret; |