avcodec/h264_ps: Fix runtime error: signed integer overflow: -1094995528 * 2 cannot be represented in type 'int'

Fixes: 615/clusterfuzz-testcase-5488002644049920 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-02-19 22:54:30 +0100
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-02-19 22:55:04 +0100
commit: 59e5b05ef6f26064fc399f8e23aa05f962b8ae48 (patch)
tree: 37e7cec9426b1ad1ffa0946ab2884174bb55a339 /libavcodec/h264_ps.c
parent: 258763ad0e1efff82bbe2beb97527d3c19f40932 (diff)
download: ffmpeg-59e5b05ef6f26064fc399f8e23aa05f962b8ae48.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/h264_ps.c b/libavcodec/h264_ps.c
index 8218e3a010..270d06b52a 100644
--- a/libavcodec/h264_ps.c
+++ b/libavcodec/h264_ps.c
@@ -468,7 +468,7 @@ int ff_h264_decode_seq_parameter_set(GetBitContext *gb, AVCodecContext *avctx,
 
     sps->frame_mbs_only_flag = get_bits1(gb);
 
-    if (sps->mb_height >= INT_MAX / 2) {
+    if (sps->mb_height >= INT_MAX / 2U) {
         av_log(avctx, AV_LOG_ERROR, "height overflow\n");
         goto fail;
     }
author	Michael Niedermayer <michael@niedermayer.cc>	2017-02-19 22:54:30 +0100
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-02-19 22:55:04 +0100
commit	59e5b05ef6f26064fc399f8e23aa05f962b8ae48 (patch)
tree	37e7cec9426b1ad1ffa0946ab2884174bb55a339 /libavcodec/h264_ps.c
parent	258763ad0e1efff82bbe2beb97527d3c19f40932 (diff)
download	ffmpeg-59e5b05ef6f26064fc399f8e23aa05f962b8ae48.tar.gz