avformat/rpl: The associative law doesnt hold for signed integers in C

Add () to avoid undefined behavior Fixes: signed integer overflow: 9223372036854775790 + 57 cannot be represented in type 'long' Fixes: 34983/clusterfuzz-testcase-minimized-ffmpeg_dem_RPL_fuzzer-5765822923538432 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 480f11bdd713c15e4964093be7ef0adf5b619cc1) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2021-06-10 20:35:43 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2021-09-11 21:23:49 +0200
commit: 9274418fe8bb1e936f6c3227a99326286dd723a9 (patch)
tree: 3ab945e94caffcb4be420ef5f19613b8e1c45016
parent: 7f28e32486eed2802a4290a964a52863abc2d32d (diff)
download: ffmpeg-9274418fe8bb1e936f6c3227a99326286dd723a9.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavformat/rpl.c b/libavformat/rpl.c
index a7665cf421..ad3800a906 100644
--- a/libavformat/rpl.c
+++ b/libavformat/rpl.c
@@ -103,7 +103,7 @@ static AVRational read_fps(const char* line, int* error)
         // Truncate any numerator too large to fit into an int64_t
         if (num > (INT64_MAX - 9) / 10 || den > INT64_MAX / 10)
             break;
-        num  = 10 * num + *line - '0';
+        num  = 10 * num + (*line - '0');
         den *= 10;
     }
     if (!num)
author	Michael Niedermayer <michael@niedermayer.cc>	2021-06-10 20:35:43 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2021-09-11 21:23:49 +0200
commit	9274418fe8bb1e936f6c3227a99326286dd723a9 (patch)
tree	3ab945e94caffcb4be420ef5f19613b8e1c45016
parent	7f28e32486eed2802a4290a964a52863abc2d32d (diff)
download	ffmpeg-9274418fe8bb1e936f6c3227a99326286dd723a9.tar.gz