avcodec/h264_slice: Fix integer overflow with last_poc

Fixes: signed integer overflow: 2147483646 - -2816 cannot be represented in type 'int' Fixes: crbug 823145 Reported-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2018-04-07 00:34:25 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2018-04-12 23:52:59 +0200
commit: 8c02cd8ca097871dcd00cf8e08ce51660873f405 (patch)
tree: a1b543e0e59f6c8dcd73713f83b8471dc06e48d6 /libavcodec
parent: 0a8133119ca5d087c7c7140d100406ff84c477ee (diff)
download: ffmpeg-8c02cd8ca097871dcd00cf8e08ce51660873f405.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/h264_slice.c b/libavcodec/h264_slice.c
index 90e05ed8f1..d71ddbe9ba 100644
--- a/libavcodec/h264_slice.c
+++ b/libavcodec/h264_slice.c
@@ -1316,7 +1316,7 @@ static int h264_select_output_frame(H264Context *h)
     }
     out_of_order = MAX_DELAYED_PIC_COUNT - i;
     if(   cur->f->pict_type == AV_PICTURE_TYPE_B
-       || (h->last_pocs[MAX_DELAYED_PIC_COUNT-2] > INT_MIN && h->last_pocs[MAX_DELAYED_PIC_COUNT-1] - h->last_pocs[MAX_DELAYED_PIC_COUNT-2] > 2))
+       || (h->last_pocs[MAX_DELAYED_PIC_COUNT-2] > INT_MIN && h->last_pocs[MAX_DELAYED_PIC_COUNT-1] - (int64_t)h->last_pocs[MAX_DELAYED_PIC_COUNT-2] > 2))
         out_of_order = FFMAX(out_of_order, 1);
     if (out_of_order == MAX_DELAYED_PIC_COUNT) {
         av_log(h->avctx, AV_LOG_VERBOSE, "Invalid POC %d<%d\n", cur->poc, h->last_pocs[0]);
author	Michael Niedermayer <michael@niedermayer.cc>	2018-04-07 00:34:25 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2018-04-12 23:52:59 +0200
commit	8c02cd8ca097871dcd00cf8e08ce51660873f405 (patch)
tree	a1b543e0e59f6c8dcd73713f83b8471dc06e48d6 /libavcodec
parent	0a8133119ca5d087c7c7140d100406ff84c477ee (diff)
download	ffmpeg-8c02cd8ca097871dcd00cf8e08ce51660873f405.tar.gz