Fixes: signed integer overflow: 1 + 2147483647 cannot be represented in type 'int'
Fixes: 30877/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOBICLIP_fuzzer-4775601145774080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
sidx += 6;
if (index > 0) {
- mv.x = mv.x + get_se_golomb(gb);
- mv.y = mv.y + get_se_golomb(gb);
+ mv.x = mv.x + (unsigned)get_se_golomb(gb);
+ mv.y = mv.y + (unsigned)get_se_golomb(gb);
}
if (mv.x >= INT_MAX || mv.y >= INT_MAX)
return AVERROR_INVALIDDATA;