avcodec/cavsdec: Fix runtime error: signed integer overflow: 31 + 2147483640 cannot be represented in type 'int'

Fixes: 1506/clusterfuzz-testcase-minimized-5401272918212608 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-05-13 00:42:29 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-05-13 00:43:07 +0200
commit: 5ac17f187ae6ec97ad41b763f999bd99782c37aa (patch)
tree: 1dc01f472df27ae20824f23bc722ad5367a4b7d9 /libavcodec/cavsdec.c
parent: cb243972b121b1ae6b60a78ff55a0506c69f3879 (diff)
download: ffmpeg-5ac17f187ae6ec97ad41b763f999bd99782c37aa.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/cavsdec.c b/libavcodec/cavsdec.c
index eb2464f36d..800c1af462 100644
--- a/libavcodec/cavsdec.c
+++ b/libavcodec/cavsdec.c
@@ -684,7 +684,7 @@ static int decode_mb_i(AVSContext *h, int cbp_code)
     }
     h->cbp = cbp_tab[cbp_code][0];
     if (h->cbp && !h->qp_fixed)
-        h->qp = (h->qp + get_se_golomb(gb)) & 63; //qp_delta
+        h->qp = (h->qp + (unsigned)get_se_golomb(gb)) & 63; //qp_delta
 
     /* luma intra prediction interleaved with residual decode/transform/add */
     for (block = 0; block < 4; block++) {
author	Michael Niedermayer <michael@niedermayer.cc>	2017-05-13 00:42:29 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-05-13 00:43:07 +0200
commit	5ac17f187ae6ec97ad41b763f999bd99782c37aa (patch)
tree	1dc01f472df27ae20824f23bc722ad5367a4b7d9 /libavcodec/cavsdec.c
parent	cb243972b121b1ae6b60a78ff55a0506c69f3879 (diff)
download	ffmpeg-5ac17f187ae6ec97ad41b763f999bd99782c37aa.tar.gz