avcodec/apedec: fix integer overflow in 8bit samples

Fixes: signed integer overflow: 2147483542 + 128 cannot be represented in type 'int' Fixes: 42812/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6344057861832704 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7cee3b37187dbf61dbebff023f07ceedfc0129bb) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2021-12-23 20:39:14 +0100
committer: Michael Niedermayer <michael@niedermayer.cc> 2022-04-09 22:19:40 +0200
commit: 254ebed4d57a37911561ac2578d879a75a1de06d (patch)
tree: 47cf114248da4922504b4dd9586c7c490b8fd4c9
parent: a5b213a89e22e91b2d47544b2300e1819b47ad63 (diff)
download: ffmpeg-254ebed4d57a37911561ac2578d879a75a1de06d.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/apedec.c b/libavcodec/apedec.c
index 9e3756fc32..8a54c750b5 100644
--- a/libavcodec/apedec.c
+++ b/libavcodec/apedec.c
@@ -1529,7 +1529,7 @@ static int ape_decode_frame(AVCodecContext *avctx, void *data,
         for (ch = 0; ch < s->channels; ch++) {
             sample8 = (uint8_t *)frame->data[ch];
             for (i = 0; i < blockstodecode; i++)
-                *sample8++ = (s->decoded[ch][i] + 0x80) & 0xff;
+                *sample8++ = (s->decoded[ch][i] + 0x80U) & 0xff;
         }
         break;
     case 16:
author	Michael Niedermayer <michael@niedermayer.cc>	2021-12-23 20:39:14 +0100
committer	Michael Niedermayer <michael@niedermayer.cc>	2022-04-09 22:19:40 +0200
commit	254ebed4d57a37911561ac2578d879a75a1de06d (patch)
tree	47cf114248da4922504b4dd9586c7c490b8fd4c9
parent	a5b213a89e22e91b2d47544b2300e1819b47ad63 (diff)
download	ffmpeg-254ebed4d57a37911561ac2578d879a75a1de06d.tar.gz