[FFmpeg-cvslog] avcodec/h264_direct: Fix overflow in POC comparission
Michael Niedermayer
git at videolan.org
Thu Mar 28 18:34:21 EET 2019
ffmpeg | branch: release/3.4 | Michael Niedermayer <michael at niedermayer.cc> | Thu Feb 14 00:05:34 2019 +0100| [8ddad9f9cdac4bf05a455fe5bb3efdab5957d1e4] | committer: Michael Niedermayer
avcodec/h264_direct: Fix overflow in POC comparission
Fixes: runtime error: signed integer overflow: 2147421862 - -33624063 cannot be represented in type 'int'
Fixes: 12885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5733516975800320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5ccf296e74725bc8bdfbfe500d0482daa200b6f3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8ddad9f9cdac4bf05a455fe5bb3efdab5957d1e4
---
libavcodec/h264_direct.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/h264_direct.c b/libavcodec/h264_direct.c
index a7a107c8c2..3825996762 100644
--- a/libavcodec/h264_direct.c
+++ b/libavcodec/h264_direct.c
@@ -156,8 +156,8 @@ void ff_h264_direct_ref_list_init(const H264Context *const h, H264SliceContext *
av_log(h->avctx, AV_LOG_ERROR, "co located POCs unavailable\n");
sl->col_parity = 1;
} else
- sl->col_parity = (FFABS(col_poc[0] - cur_poc) >=
- FFABS(col_poc[1] - cur_poc));
+ sl->col_parity = (FFABS(col_poc[0] - (int64_t)cur_poc) >=
+ FFABS(col_poc[1] - (int64_t)cur_poc));
ref1sidx =
sidx = sl->col_parity;
// FL -> FL & differ parity
More information about the ffmpeg-cvslog
mailing list