avcodec/diracdec: Fix integer overflow in divide3()

Fixes: runtime error: signed integer overflow: -1073746548 * 21845 cannot be represented in type 'int' Fixes: 2729/clusterfuzz-testcase-minimized-5902915464069120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c0220c768c7fc933a76c863ebbb0abdf68a88533) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-07-27 23:49:27 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-08-23 13:15:18 +0200
commit: 046e0524b92bb6933a40e1b24403763739b49495 (patch)
tree: 4859661a93c99cbc2ab9cf2508bc697a99746bf1
parent: 52bb9d6d58c2df3044c793871bcbe8fe71002aff (diff)
download: ffmpeg-046e0524b92bb6933a40e1b24403763739b49495.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/diracdec.c b/libavcodec/diracdec.c
index c9aa3209a3..23d12ed3f0 100644
--- a/libavcodec/diracdec.c
+++ b/libavcodec/diracdec.c
@@ -284,7 +284,7 @@ static const int qoffset_inter_tab[MAX_QUANT+1] = {
 /* magic number division by 3 from schroedinger */
 static inline int divide3(int x)
 {
-    return ((x+1)*21845 + 10922) >> 16;
+    return (int)((x+1U)*21845 + 10922) >> 16;
 }
 
 static DiracFrame *remove_frame(DiracFrame *framelist[], int picnum)
author	Michael Niedermayer <michael@niedermayer.cc>	2017-07-27 23:49:27 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-08-23 13:15:18 +0200
commit	046e0524b92bb6933a40e1b24403763739b49495 (patch)
tree	4859661a93c99cbc2ab9cf2508bc697a99746bf1
parent	52bb9d6d58c2df3044c793871bcbe8fe71002aff (diff)
download	ffmpeg-046e0524b92bb6933a40e1b24403763739b49495.tar.gz