avcodec/eamad: Fix runtime error: signed integer overflow: 49674 * 49858 cannot be represented in type 'int'

Fixes: 1394/clusterfuzz-testcase-minimized-6493376885030912 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 0ac1c87194a67e6104a3d241a4dd1ca0808784bd) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-05-07 15:42:17 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-05-20 03:41:33 +0200
commit: 89b2c2493181fcea65c064ccdf029fbf6b6d14bb (patch)
tree: 6db556a2185f6f8ddcb573354f20c1f07ea490eb
parent: fc99e4c9725ce6d6a0dcc44e3a1734e67cd62e80 (diff)
download: ffmpeg-89b2c2493181fcea65c064ccdf029fbf6b6d14bb.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/eamad.c b/libavcodec/eamad.c
index 4e202f98a3..0525394838 100644
--- a/libavcodec/eamad.c
+++ b/libavcodec/eamad.c
@@ -284,7 +284,7 @@ static int decode_frame(AVCodecContext *avctx,
 
     if (avctx->width != width || avctx->height != height) {
         av_frame_unref(s->last_frame);
-        if((width * height)/2048*7 > bytestream2_get_bytes_left(&gb))
+        if((width * (int64_t)height)/2048*7 > bytestream2_get_bytes_left(&gb))
             return AVERROR_INVALIDDATA;
         if ((ret = ff_set_dimensions(avctx, width, height)) < 0)
             return ret;
author	Michael Niedermayer <michael@niedermayer.cc>	2017-05-07 15:42:17 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-05-20 03:41:33 +0200
commit	89b2c2493181fcea65c064ccdf029fbf6b6d14bb (patch)
tree	6db556a2185f6f8ddcb573354f20c1f07ea490eb
parent	fc99e4c9725ce6d6a0dcc44e3a1734e67cd62e80 (diff)
download	ffmpeg-89b2c2493181fcea65c064ccdf029fbf6b6d14bb.tar.gz