avcodec/adpcm: Fix invalid shift in AV_CODEC_ID_ADPCM_PSX

Fixes: left shift of negative value -1
Fixes: 20859/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_PSX_fuzzer-5720391507247104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

diff --git a/libavcodec/adpcm.c b/libavcodec/adpcm.c
index c69cac337914ed30634fc60633993f03e8e06f67..4f5980f7d55042628c2a71af204045b48e370982 100644 (file)
--- a/libavcodec/adpcm.c
+++ b/libavcodec/adpcm.c
@@ -1898,7 +1898,7 @@ static int adpcm_decode_frame(AVCodecContext *avctx, void *data,
                             scale = sign_extend(byte, 4);
                         }
 
-                        scale  = scale << 12;
+                        scale  = scale * (1 << 12);
                         sample = (int)((scale >> shift) + (c->status[channel].sample1 * xa_adpcm_table[filter][0] + c->status[channel].sample2 * xa_adpcm_table[filter][1]) / 64);
                     }
                     *samples++ = av_clip_int16(sample);