Browse Source

avcodec/h264idct_template: fix multiple runtime error: signed integer overflow

Fixes: 857/clusterfuzz-testcase-5319093760557056

Benchmark changes from 335->333 (so if its not a random fluctuation then it would be faster)

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
tags/n3.3
Michael Niedermayer 9 years ago
parent
commit
2898bc522d
1 changed files with 5 additions and 5 deletions
  1. +5
    -5
      libavcodec/h264idct_template.c

+ 5
- 5
libavcodec/h264idct_template.c View File

@@ -304,7 +304,7 @@ void FUNCC(ff_h264_chroma422_dc_dequant_idct)(int16_t *_block, int qmul){
void FUNCC(ff_h264_chroma_dc_dequant_idct)(int16_t *_block, int qmul){
const int stride= 16*2;
const int xStride= 16;
int a,b,c,d,e;
SUINT a,b,c,d,e;
dctcoef *block = (dctcoef*)_block;

a= block[stride*0 + xStride*0];
@@ -317,8 +317,8 @@ void FUNCC(ff_h264_chroma_dc_dequant_idct)(int16_t *_block, int qmul){
b= c-d;
c= c+d;

block[stride*0 + xStride*0]= ((a+c)*qmul) >> 7;
block[stride*0 + xStride*1]= ((e+b)*qmul) >> 7;
block[stride*1 + xStride*0]= ((a-c)*qmul) >> 7;
block[stride*1 + xStride*1]= ((e-b)*qmul) >> 7;
block[stride*0 + xStride*0]= (int)((a+c)*qmul) >> 7;
block[stride*0 + xStride*1]= (int)((e+b)*qmul) >> 7;
block[stride*1 + xStride*0]= (int)((a-c)*qmul) >> 7;
block[stride*1 + xStride*1]= (int)((e-b)*qmul) >> 7;
}

Loading…
Cancel
Save