From 6b9cb5d26a2d9905093621d12785bc5903dce66d Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sun, 28 May 2017 18:09:47 +0200
Subject: avcodec/aacdec_fixed: Fix runtime error: left shift of 1 by 31 places
 cannot be represented in type 'int'

Fixes: 1878/clusterfuzz-testcase-minimized-6441918630199296

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/aacdec_fixed.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'libavcodec/aacdec_fixed.c')

diff --git a/libavcodec/aacdec_fixed.c b/libavcodec/aacdec_fixed.c
index 950ce20f80..d8786dff43 100644
--- a/libavcodec/aacdec_fixed.c
+++ b/libavcodec/aacdec_fixed.c
@@ -211,8 +211,8 @@ static void noise_scale(int *coefs, int scale, int band_energy, int len)
         for (i=0; i<len; i++) {
             coefs[i] = 0;
         }
-    } else if (s > 0) {
-        round = 1 << (s-1);
+    } else if (s >= 0) {
+        round = s ? 1 << (s-1) : 0;
         for (i=0; i<len; i++) {
             out = (int)(((int64_t)coefs[i] * c) >> 32);
             coefs[i] = ((int)(out+round) >> s) * ssign;
-- 
cgit v1.2.3