[FFmpeg-cvslog] avcodec/ffv1dec_template: Fix runtime error: signed integer overflow: 202 + 2147483615 cannot be represented in type 'int'

[Michael Niedermayer]

ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Tue May 23 03:24:49 2017 +0200| [9726e9f80934202e761870e95d40e8c591208459] | committer: Michael Niedermayer

avcodec/ffv1dec_template: Fix runtime error: signed integer overflow: 202 + 2147483615 cannot be represented in type 'int'

Fixes: 1748/clusterfuzz-testcase-minimized-6690208340770816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9726e9f80934202e761870e95d40e8c591208459
---

 libavcodec/ffv1dec_template.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/ffv1dec_template.c b/libavcodec/ffv1dec_template.c
index 21af155bba..36cfba9560 100644
--- a/libavcodec/ffv1dec_template.c
+++ b/libavcodec/ffv1dec_template.c
@@ -98,7 +98,7 @@ static av_always_inline void RENAME(decode_line)(FFV1Context *s, int w,
         if (sign)
             diff = -diff;
 
-        sample[1][x] = av_mod_uintp2(RENAME(predict)(sample[1] + x, sample[0] + x) + diff, bits);
+        sample[1][x] = av_mod_uintp2(RENAME(predict)(sample[1] + x, sample[0] + x) + (SUINT)diff, bits);
     }
     s->run_index = run_index;
 }