From c4c0245686bc2fcc545644101c7b328fed71f268 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Fri, 12 May 2017 13:13:46 +0200 Subject: [PATCH] avcodec/g723_1dec: Fix runtime error: left shift of negative value -1 Fixes: 1504/clusterfuzz-testcase-minimized-6249212138225664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/g723_1dec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/g723_1dec.c b/libavcodec/g723_1dec.c index 6d452df189..89089f5f64 100644 --- a/libavcodec/g723_1dec.c +++ b/libavcodec/g723_1dec.c @@ -695,13 +695,13 @@ static int estimate_sid_gain(G723_1_Context *p) if (y <= 0) { t = seg * 32 + (val + 1 << seg2); t = t * t - x; - val = (seg2 - 1 << 4) + val; + val = (seg2 - 1) * 16 + val; if (t >= y) val++; } else { t = seg * 32 + (val - 1 << seg2); t = t * t - x; - val = (seg2 - 1 << 4) + val; + val = (seg2 - 1) * 16 + val; if (t >= y) val--; }