From 4384481fbcb6154534b3dab5a1cc37529296d532 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sun, 18 Jun 2017 14:37:19 +0200
Subject: [PATCH] avcodec/takdec: Fixes: integer overflow in AV_SAMPLE_FMT_U8P
 output

Fixes: runtime error: signed integer overflow: 2147483543 + 128 cannot be represented in type 'int'
Fixes: 2234/clusterfuzz-testcase-minimized-6266896041115648

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 27c20068054d8c6786833234f7b6db19f1e98362)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/takdec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/takdec.c b/libavcodec/takdec.c
index dbcc11747d..2861a813e1 100644
--- a/libavcodec/takdec.c
+++ b/libavcodec/takdec.c
@@ -889,7 +889,7 @@ static int tak_decode_frame(AVCodecContext *avctx, void *data,
             uint8_t *samples = (uint8_t *)frame->extended_data[chan];
             int32_t *decoded = s->decoded[chan];
             for (i = 0; i < s->nb_samples; i++)
-                samples[i] = decoded[i] + 0x80;
+                samples[i] = decoded[i] + 0x80U;
         }
         break;
     case AV_SAMPLE_FMT_S16P: