[FFmpeg-cvslog] avcodec/dss_sp: Fix multiple left shift of negative value -466

Michael Niedermayer git at videolan.org
Fri May 5 19:35:59 EEST 2017


ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Fri May  5 18:07:25 2017 +0200| [38152d9368beb080b4acd6cd9e5ccc89b3f733bf] | committer: Michael Niedermayer

avcodec/dss_sp: Fix multiple left shift of negative value -466

Fixes: 1339/clusterfuzz-testcase-minimized-4614671485108224

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=38152d9368beb080b4acd6cd9e5ccc89b3f733bf
---

 libavcodec/dss_sp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/dss_sp.c b/libavcodec/dss_sp.c
index ddea48304f..93e54c5209 100644
--- a/libavcodec/dss_sp.c
+++ b/libavcodec/dss_sp.c
@@ -33,7 +33,7 @@
 
 #define DSS_SP_FRAME_SIZE        42
 #define DSS_SP_SAMPLE_COUNT     (66 * SUBFRAMES)
-#define DSS_SP_FORMULA(a, b, c) (((((a) << 15) + (b) * (c)) + 0x4000) >> 15)
+#define DSS_SP_FORMULA(a, b, c) (((((a) * (1 << 15)) + (b) * (c)) + 0x4000) >> 15)
 
 typedef struct DssSpSubframe {
     int16_t gain;
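
Review bot: In the new DSS_SP_FORMULA, (a) * (1 << 15) no longer shifts a negative value, but the multiplication is still a signed int operation and overflows (undefined behaviour again) once the magnitude of a exceeds what fits in 16 bits plus sign; nothing in this hunk bounds a. Either add a comment stating the range callers guarantee for a, or do the scaling in unsigned or 64-bit arithmetic so the sum (a) * (1 << 15) + (b) * (c) + 0x4000 cannot overflow. The trailing >> 15 on a possibly negative sum is unchanged and remains implementation-defined, which is worth a one-line comment next to the macro.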
@@ -499,7 +499,7 @@ static void dss_sp_scale_vector(int32_t *vec, int bits, int size)
             vec[i] = vec[i] >> -bits;
     else
         for (i = 0; i < size; i++)
-            vec[i] = vec[i] << bits;
+            vec[i] = vec[i] * (1 << bits);
 }
 
 static void dss_sp_update_buf(int32_t *hist, int32_t *vector)
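
Review bot: In dss_sp_scale_vector, the replacement vec[i] * (1 << bits) still depends on bits being small: bits is a plain int parameter with no bound visible in this hunk, 1 << bits is undefined for bits of 31 or more, and the product can overflow int32_t for large vec[i]. Consider clamping or asserting the range of bits at the top of the function, or performing the multiply in unsigned or int64_t and narrowing afterwards. The right-shift branch above it, vec[i] >> -bits, has the same dependency on the magnitude of bits and would benefit from the same check.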


