diff options
author | Jorge E. Moreira <jemoreira@google.com> | 2021-07-13 16:50:33 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2021-07-13 16:50:33 +0000 |
commit | de325903817061f3a390928a79136afe66dc3594 (patch) | |
tree | 2bb892d71caf976167223d81e692319771f72860 | |
parent | 301f92fea3b78064662de08d22df9d0f2d0c6261 (diff) | |
parent | 5480c1d2817b9a564e69d3c0c151c6411ae4909b (diff) | |
download | libvpx-de325903817061f3a390928a79136afe66dc3594.tar.gz |
Avoid overflow in calc_iframe_target_size am: 5480c1d281
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/libvpx/+/15148150
Change-Id: Ieceadae522d647a94d049c772bb843c2e9ac18b3
-rw-r--r-- | README.version | 1 | ||||
-rw-r--r-- | libvpx/vp8/encoder/ratectrl.c | 8 |
2 files changed, 7 insertions, 2 deletions
diff --git a/README.version b/README.version index 7e8c25da3..f555bcc48 100644 --- a/README.version +++ b/README.version @@ -11,3 +11,4 @@ Local Modifications: 5e065cf9d vp8/{ratectrl,onyx_if}: fix some signed integer overflows 5eab093a7 vp9_ratectrl: fix some signed integer overflows baefbe85d Cap target bitrate to raw rate internally + 5f345a924 Avoid overflow in calc_iframe_target_size diff --git a/libvpx/vp8/encoder/ratectrl.c b/libvpx/vp8/encoder/ratectrl.c index d8d55fce2..d93fb59a4 100644 --- a/libvpx/vp8/encoder/ratectrl.c +++ b/libvpx/vp8/encoder/ratectrl.c @@ -349,8 +349,12 @@ static void calc_iframe_target_size(VP8_COMP *cpi) { } if (cpi->oxcf.rc_max_intra_bitrate_pct) { - unsigned int max_rate = - cpi->per_frame_bandwidth * cpi->oxcf.rc_max_intra_bitrate_pct / 100; + unsigned int max_rate; + // This product may overflow unsigned int + uint64_t product = cpi->per_frame_bandwidth; + product *= cpi->oxcf.rc_max_intra_bitrate_pct; + product /= 100; + max_rate = (unsigned int)VPXMIN(INT_MAX, product); if (target > max_rate) target = max_rate; } |