On 09/11/14 08:43, Vittorio Giovara wrote:
On Fri, Nov 7, 2014 at 6:07 PM, Luca Barbato <[email protected]> wrote:
On 04/11/14 15:37, Vittorio Giovara wrote:
CC: [email protected]
Bug-Id: CID 700559 / CID 700560
---
libavcodec/x86/mpegvideo.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/x86/mpegvideo.c b/libavcodec/x86/mpegvideo.c
index 1395156..3f0d5c5 100644
--- a/libavcodec/x86/mpegvideo.c
+++ b/libavcodec/x86/mpegvideo.c
@@ -39,9 +39,9 @@ static void dct_unquantize_h263_intra_mmx(MpegEncContext
*s,
if (!s->h263_aic) {
if (n < 4)
- level = block[0] * s->y_dc_scale;
+ level = block[0] * (x86_reg) s->y_dc_scale;
else
- level = block[0] * s->c_dc_scale;
+ level = block[0] * (x86_reg) s->c_dc_scale;
qadd = (qscale - 1) | 1;
}else{
qadd = 0;
how big could be that value?
CID 700560 (#1 of 1): Unintentional integer overflow
(OVERFLOW_BEFORE_WIDEN)overflow_before_widen: Potentially overflowing
expression block[0] * s->y_dc_scale with type int (32 bits, signed) is
evaluated using 32-bit arithmetic, and then used in a context that
expects an expression of type x86_reg (64 bits, signed).
To avoid overflow, cast either block[0] or s->y_dc_scale to type x86_reg.
we code such as
block[0] = block[0] * s->y_dc_scale;
The range of c_dc_scale and block[0] is what I wanted to know.
scale_table maximum is 62, block is int16_t.
False positive.
lu
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel
