Fixes: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int'
Fixes: 16786/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5632818851348480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
... | ... |
@@ -222,7 +222,7 @@ static void lpc_prediction(int32_t *error_buffer, uint32_t *buffer_out, |
222 | 222 |
/* adapt LPC coefficients */ |
223 | 223 |
error_sign = sign_only(error_val); |
224 | 224 |
if (error_sign) { |
225 |
- for (j = 0; j < lpc_order && (int)error_val * error_sign > 0; j++) { |
|
225 |
+ for (j = 0; j < lpc_order && (int)(error_val * error_sign) > 0; j++) { |
|
226 | 226 |
int sign; |
227 | 227 |
val = d - pred[j]; |
228 | 228 |
sign = sign_only(val) * error_sign; |