virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-13 21:28:01 +02:00
Code Issues Releases Activity

avcodec/h264idct_template: Fix several runtime error: signed integer overflow

Browse Source 
Fixes: 652/clusterfuzz-testcase-6174944410992640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2017-02-22 22:07:35 +01:00
parent 6871df02d9
commit ec849f637e
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libavcodec/h264idct_template.c
View File

@ -289,15 +289,15 @@ void FUNCC(ff_h264_chroma422_dc_dequant_idct)(int16_t *_block, int qmul){
for(i=0; i<2; i++){
const int offset= x_offset[i];
const int z0= temp[2*0+i] + temp[2*2+i];
const int z1= temp[2*0+i] - temp[2*2+i];
const int z2= temp[2*1+i] - temp[2*3+i];
const int z3= temp[2*1+i] + temp[2*3+i];
const SUINT z0= temp[2*0+i] + temp[2*2+i];
const SUINT z1= temp[2*0+i] - temp[2*2+i];
const SUINT z2= temp[2*1+i] - temp[2*3+i];
const SUINT z3= temp[2*1+i] + temp[2*3+i];
block[stride*0+offset]= ((z0 + z3)*qmul + 128) >> 8;
block[stride*1+offset]= ((z1 + z2)*qmul + 128) >> 8;
block[stride*2+offset]= ((z1 - z2)*qmul + 128) >> 8;
block[stride*3+offset]= ((z0 - z3)*qmul + 128) >> 8;
block[stride*0+offset]= (int)((z0 + z3)*qmul + 128) >> 8;
block[stride*1+offset]= (int)((z1 + z2)*qmul + 128) >> 8;
block[stride*2+offset]= (int)((z1 - z2)*qmul + 128) >> 8;
block[stride*3+offset]= (int)((z0 - z3)*qmul + 128) >> 8;
}
}