avcodec/wmv2dsp: Fix runtime error: signed integer overflow: 181 * -12156865 cannot...

Fixes: 1401/clusterfuzz-testcase-minimized-6526248148795392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

diff --git a/libavcodec/wmv2dsp.c b/libavcodec/wmv2dsp.c
index 162ac92a728042eb8b4f066947779dba44c921c4..7a3a851861dd6b1810db84a6985a9a0e498a00b0 100644 (file)
--- a/libavcodec/wmv2dsp.c
+++ b/libavcodec/wmv2dsp.c
@@ -78,8 +78,8 @@ static void wmv2_idct_col(short * b)
     a4 = (W0 * b[8 * 0] - W0 * b[8 * 4]    ) >> 3;
 
     /* step 2 */
-    s1 = (181 * (a1 - a5 + a7 - a3) + 128) >> 8;
-    s2 = (181 * (a1 - a5 - a7 + a3) + 128) >> 8;
+    s1 = (int)(181U * (a1 - a5 + a7 - a3) + 128) >> 8;
+    s2 = (int)(181U * (a1 - a5 - a7 + a3) + 128) >> 8;
 
     /* step 3 */
     b[8 * 0] = (a0 + a2 + a1 + a5 + (1 << 13)) >> 14;