avformat/rpl: The associative law doesnt hold for signed integers in C

Add () to avoid undefined behavior Fixes: signed integer overflow: 9223372036854775790 + 57 cannot be represented in type 'long' Fixes: 34983/clusterfuzz-testcase-minimized-ffmpeg_dem_RPL_fuzzer-5765822923538432 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 480f11bdd713c15e4964093be7ef0adf5b619cc1) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2021-06-10 20:35:43 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2021-10-06 14:41:41 +0200
commit: 04e7bac7631562383929dae8b47e4b0a25c434b5 (patch)
tree: cac67bc96da8f47ec99f006a16cf1486e46c4d77
parent: 090e21faef5274862bc48d2a40ba32513beef00d (diff)
download: ffmpeg-04e7bac7631562383929dae8b47e4b0a25c434b5.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavformat/rpl.c b/libavformat/rpl.c
index c474b76c45..ad3659e936 100644
--- a/libavformat/rpl.c
+++ b/libavformat/rpl.c
@@ -103,7 +103,7 @@ static AVRational read_fps(const char* line, int* error)
         // Truncate any numerator too large to fit into an int64_t
         if (num > (INT64_MAX - 9) / 10 || den > INT64_MAX / 10)
             break;
-        num  = 10 * num + *line - '0';
+        num  = 10 * num + (*line - '0');
         den *= 10;
     }
     if (!num)
author	Michael Niedermayer <michael@niedermayer.cc>	2021-06-10 20:35:43 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2021-10-06 14:41:41 +0200
commit	04e7bac7631562383929dae8b47e4b0a25c434b5 (patch)
tree	cac67bc96da8f47ec99f006a16cf1486e46c4d77
parent	090e21faef5274862bc48d2a40ba32513beef00d (diff)
download	ffmpeg-04e7bac7631562383929dae8b47e4b0a25c434b5.tar.gz