mirror of
https://github.com/xenia-project/FFmpeg.git
synced 2024-11-24 03:59:43 +00:00
avcodec/g723_1dec: Clip after shift in estimate_sid_gain()
Fixes: runtime error: left shift of 706 by 22 places cannot be represented in type 'int' See: L_shl() in the reference software Fixes: 1609/clusterfuzz-testcase-minimized-5102163007111168 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
parent
1a950f32ab
commit
23868ad5cb
@ -660,9 +660,15 @@ static int estimate_sid_gain(G723_1_Context *p)
|
||||
int i, shift, seg, seg2, t, val, val_add, x, y;
|
||||
|
||||
shift = 16 - p->cur_gain * 2;
|
||||
if (shift > 0)
|
||||
t = p->sid_gain << shift;
|
||||
else
|
||||
if (shift > 0) {
|
||||
if (p->sid_gain == 0) {
|
||||
t = 0;
|
||||
} else if (shift >= 31 || (int32_t)((uint32_t)p->sid_gain << shift) >> shift != p->sid_gain) {
|
||||
if (p->sid_gain < 0) t = INT32_MIN;
|
||||
else t = INT32_MAX;
|
||||
} else
|
||||
t = p->sid_gain << shift;
|
||||
}else
|
||||
t = p->sid_gain >> -shift;
|
||||
x = av_clipl_int32(t * (int64_t)cng_filt[0] >> 16);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user