From e2bbb95d582111b79e3bf26af7a80f05637f2866 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sun, 4 Jun 2017 17:14:13 +0200
Subject: avcodec/wavpack: Fix runtime error: signed integer overflow:
 2081021665 - -130689706 cannot be represented in type 'int'

Fixes: 2038/clusterfuzz-testcase-minimized-4521466148159488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/wavpack.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/wavpack.c b/libavcodec/wavpack.c
index 25c8e94..6e601f0 100644
--- a/libavcodec/wavpack.c
+++ b/libavcodec/wavpack.c
@@ -248,7 +248,7 @@ static int wv_get_value(WavpackFrameContext *ctx, GetBitContext *gb,
                 add -= (mid - (unsigned)base);
                 base = mid;
             } else
-                add = mid - base - 1;
+                add = mid - (unsigned)base - 1;
             mid = (base * 2U + add + 1) >> 1;
         }
         ret = mid;
-- 
cgit v1.1