Skip to content

Commit 60746df

Browse files
marco99zzmibrunin
marco99zz
authored and
mibrunin
committed
[Backport] Security bug 329674887 (2/2)
Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/webm/libvpx/+/5375794: vp9: fix to integer overflow test failure for the 16k test: issue introduced in: c29e637283 Bug: b/329088759, b/329674887, b/329179808 Change-Id: I88e8a36b7f13223997c3006c84aec9cfa48c0bcf Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/554626 Reviewed-by: Michal Klocek <[email protected]>
1 parent 27bc134 commit 60746df

File tree

1 file changed

+3
-1
lines changed

1 file changed

+3
-1
lines changed

chromium/third_party/libvpx/source/libvpx/vp9/encoder/vp9_bitstream.c

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -967,7 +967,9 @@ static int encode_tiles_buffer_alloc_size(VP9_COMP *const cpi) {
967967
const int image_bps =
968968
(8 + 2 * (8 >> (cm->subsampling_x + cm->subsampling_y))) *
969969
(1 + (cm->bit_depth > 8));
970-
return cpi->oxcf.width * cpi->oxcf.height * image_bps / 8;
970+
const int64_t size =
971+
(int64_t)cpi->oxcf.width * cpi->oxcf.height * image_bps / 8;
972+
return (int)size;
971973
}
972974

973975
static void encode_tiles_buffer_alloc(VP9_COMP *const cpi) {

0 commit comments

Comments
 (0)