[FFmpeg-cvslog] avcodec/jpeg2000: Fixes integer overflow in ff_jpeg2000_ceildivpow2()

Michael Niedermayer git at videolan.org
Thu Aug 24 15:05:06 EEST 2017


ffmpeg | branch: release/2.8 | Michael Niedermayer <michael at niedermayer.cc> | Thu Jun 15 23:26:18 2017 +0200| [92c5ff0763b80156dcf6d3e0386d2c942c675398] | committer: Michael Niedermayer

avcodec/jpeg2000: Fixes integer overflow in ff_jpeg2000_ceildivpow2()

Fixes: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 2231/clusterfuzz-testcase-minimized-4565181982048256

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e3fadc57c5c170f31455abacbcbd67115d7321d7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=92c5ff0763b80156dcf6d3e0386d2c942c675398
---

 libavcodec/jpeg2000.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/jpeg2000.h b/libavcodec/jpeg2000.h
index 873e4505ec..8a022ad918 100644
--- a/libavcodec/jpeg2000.h
+++ b/libavcodec/jpeg2000.h
@@ -215,7 +215,7 @@ typedef struct Jpeg2000Component {
 /* misc tools */
 static inline int ff_jpeg2000_ceildivpow2(int a, int b)
 {
-    return -(((int64_t)(-a)) >> b);
+    return -((-(int64_t)a) >> b);
 }
 
 static inline int ff_jpeg2000_ceildiv(int a, int b)



More information about the ffmpeg-cvslog mailing list