1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00

avcodec/g723_1: Fix runtime error: signed integer overflow: -1013481472 + -1139123755 cannot be represented in type 'int'

See: LsptoA() and L_add()
Fixes: 1758/clusterfuzz-testcase-minimized-6054857184116736

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2017-05-23 03:43:51 +02:00
parent 9726e9f809
commit 504d5804ac

View File

@ -150,8 +150,8 @@ static void lsp2lpc(int16_t *lpc)
* each iteration for a final scaling factor of Q25
*/
for (i = 2; i < LPC_ORDER / 2; i++) {
f1[i + 1] = f1[i - 1] + MULL2(f1[i], lpc[2 * i]);
f2[i + 1] = f2[i - 1] + MULL2(f2[i], lpc[2 * i + 1]);
f1[i + 1] = av_clipl_int32(f1[i - 1] + (int64_t)MULL2(f1[i], lpc[2 * i]));
f2[i + 1] = av_clipl_int32(f2[i - 1] + (int64_t)MULL2(f2[i], lpc[2 * i + 1]));
for (j = i; j >= 2; j--) {
f1[j] = MULL2(f1[j - 1], lpc[2 * i]) +