From 1929dd4eff93e81bab8637f298754294448e624e Mon Sep 17 00:00:00 2001 From: Andreas Rheinhardt Date: Wed, 18 Sep 2019 05:26:01 +0200 Subject: [PATCH] avcodec/cbs_av1: Make overread check more robust When performing a comparison of a signed int and an unsigned int, the signed int is first converted to an unsigned int, so that negative values are being treated as big, positive values. This can become a problem in an overread check, namely when an overread already happened. So change the type of the variable containing the amount of bits that need to be left to signed. Signed-off-by: Andreas Rheinhardt --- libavcodec/cbs_av1.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/cbs_av1.c b/libavcodec/cbs_av1.c index 98cd37ef74..c027933218 100644 --- a/libavcodec/cbs_av1.c +++ b/libavcodec/cbs_av1.c @@ -211,8 +211,8 @@ static int cbs_av1_read_ns(CodedBitstreamContext *ctx, GetBitContext *gbc, uint32_t n, const char *name, const int *subscripts, uint32_t *write_to) { - uint32_t w, m, v, extra_bit, value; - int position; + uint32_t m, v, extra_bit, value; + int position, w; av_assert0(n > 0);