avcodec/fic: Fix multiple left shift of negative value -15

Fixes: 1356/clusterfuzz-testcase-minimized-6008489086287872

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

diff --git a/libavcodec/fic.c b/libavcodec/fic.c
index 2bec3d7..3805f70 100644 (file)
--- a/libavcodec/fic.c
+++ b/libavcodec/fic.c
@@ -95,8 +95,8 @@ static av_always_inline void fic_idct(int16_t *blk, int step, int shift, int rnd
     const int t7 = t3 - t1;
     const int t8 =  17734 * blk[2 * step] - 42813 * blk[6 * step];
     const int t9 =  17734 * blk[6 * step] + 42814 * blk[2 * step];
-    const int tA = (blk[0 * step] - blk[4 * step] << 15) + rnd;
-    const int tB = (blk[0 * step] + blk[4 * step] << 15) + rnd;
+    const int tA = (blk[0 * step] - blk[4 * step]) * 32768 + rnd;
+    const int tB = (blk[0 * step] + blk[4 * step]) * 32768 + rnd;
     blk[0 * step] = (  t4       + t9 + tB) >> shift;
     blk[1 * step] = (  t6 + t7  + t8 + tA) >> shift;
     blk[2 * step] = (  t6 - t7  - t8 + tA) >> shift;