From 27c20068054d8c6786833234f7b6db19f1e98362 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Sun, 18 Jun 2017 14:37:19 +0200 Subject: [PATCH] avcodec/takdec: Fixes: integer overflow in AV_SAMPLE_FMT_U8P output Fixes: runtime error: signed integer overflow: 2147483543 + 128 cannot be represented in type 'int' Fixes: 2234/clusterfuzz-testcase-minimized-6266896041115648 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/takdec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/takdec.c b/libavcodec/takdec.c index 7d3502b53c..8df73115d8 100644 --- a/libavcodec/takdec.c +++ b/libavcodec/takdec.c @@ -889,7 +889,7 @@ static int tak_decode_frame(AVCodecContext *avctx, void *data, uint8_t *samples = (uint8_t *)frame->extended_data[chan]; int32_t *decoded = s->decoded[chan]; for (i = 0; i < s->nb_samples; i++) - samples[i] = decoded[i] + 0x80; + samples[i] = decoded[i] + 0x80U; } break; case AV_SAMPLE_FMT_S16P: