avcodec/g729postfilter: Clip gain before scaling with AGC_FAC1

The fixed point integer reference specifies the multiplication used to have 16bit input and clips so we need to clip the input The floating point implementation does not seem to do that. Fixes: signed integer overflow: 6317568 * 410 cannot be represented in type 'int' Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-5700189272932352 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2020-05-10 11:34:53 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2020-05-11 00:45:09 +0200
commit: 82d4c7b95ed98d38aa834ef5a8fb1d2ef3901698 (patch)
tree: c6a7343b4db88957cb3e8318be24d8ae904a1a43
parent: 22e51e95ac97864b3d7b21124eaf8fcce147f61e (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/libavcodec/g729postfilter.c b/libavcodec/g729postfilter.c
index ab668594d2..617744ec8e 100644
--- a/libavcodec/g729postfilter.c
+++ b/libavcodec/g729postfilter.c
@@ -600,6 +600,7 @@ int16_t ff_g729_adaptive_gain_control(int gain_before, int gain_after, int16_t *
             gain = ((gain_before - gain_after) << 14) / gain_after + 0x4000;
             gain = bidir_sal(gain, exp_after - exp_before);
         }
+        gain = av_clip_int16(gain);
         gain = (gain * G729_AGC_FAC1 + 0x4000) >> 15; // gain * (1-0.9875)
     } else
         gain = 0;
author	Michael Niedermayer <michael@niedermayer.cc>	2020-05-10 11:34:53 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2020-05-11 00:45:09 +0200
commit	82d4c7b95ed98d38aa834ef5a8fb1d2ef3901698 (patch)
tree	c6a7343b4db88957cb3e8318be24d8ae904a1a43
parent	22e51e95ac97864b3d7b21124eaf8fcce147f61e (diff)