From 2bbea155bf7c6ce6d5ae53cc41e44798cad2f39c Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Thu, 27 Jun 2019 00:15:03 +0200
Subject: avcodec/4xm: Fix signed integer overflows in idct()

Fixes: signed integer overflow: 20242 * 121095 cannot be represented in type 'int'
Fixes: 15310/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FOURXM_fuzzer-5737051745419264

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/4xm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'libavcodec/4xm.c')

diff --git a/libavcodec/4xm.c b/libavcodec/4xm.c
index 89120aa8fb..8382159bde 100644
--- a/libavcodec/4xm.c
+++ b/libavcodec/4xm.c
@@ -158,7 +158,7 @@ typedef struct FourXContext {
 #define FIX_1_847759065 121095
 #define FIX_2_613125930 171254
 
-#define MULTIPLY(var, const) (((var) * (const)) >> 16)
+#define MULTIPLY(var, const) ((int)((var) * (unsigned)(const)) >> 16)
 
 static void idct(int16_t block[64])
 {
-- 
cgit v1.2.3