On Fri, Nov 7, 2014 at 6:07 PM, Luca Barbato <[email protected]> wrote: > On 04/11/14 15:37, Vittorio Giovara wrote: >> >> CC: [email protected] >> Bug-Id: CID 700559 / CID 700560 >> --- >> libavcodec/x86/mpegvideo.c | 4 ++-- >> 1 file changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/libavcodec/x86/mpegvideo.c b/libavcodec/x86/mpegvideo.c >> index 1395156..3f0d5c5 100644 >> --- a/libavcodec/x86/mpegvideo.c >> +++ b/libavcodec/x86/mpegvideo.c >> @@ -39,9 +39,9 @@ static void dct_unquantize_h263_intra_mmx(MpegEncContext >> *s, >> >> if (!s->h263_aic) { >> if (n < 4) >> - level = block[0] * s->y_dc_scale; >> + level = block[0] * (x86_reg) s->y_dc_scale; >> else >> - level = block[0] * s->c_dc_scale; >> + level = block[0] * (x86_reg) s->c_dc_scale; >> qadd = (qscale - 1) | 1; >> }else{ >> qadd = 0; >> > > how big could be that value?
CID 700560 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)overflow_before_widen: Potentially overflowing expression block[0] * s->y_dc_scale with type int (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type x86_reg (64 bits, signed). To avoid overflow, cast either block[0] or s->y_dc_scale to type x86_reg. -- Vittorio _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
