Merge "Avoid overflow in calc_iframe_target_size"
diff --git a/README.version b/README.version
index 7e8c25d..f555bcc 100644
--- a/README.version
+++ b/README.version
@@ -11,3 +11,4 @@
5e065cf9d vp8/{ratectrl,onyx_if}: fix some signed integer overflows
5eab093a7 vp9_ratectrl: fix some signed integer overflows
baefbe85d Cap target bitrate to raw rate internally
+ 5f345a924 Avoid overflow in calc_iframe_target_size
diff --git a/libvpx/vp8/encoder/ratectrl.c b/libvpx/vp8/encoder/ratectrl.c
index d8d55fc..d93fb59 100644
--- a/libvpx/vp8/encoder/ratectrl.c
+++ b/libvpx/vp8/encoder/ratectrl.c
@@ -349,8 +349,12 @@
}
if (cpi->oxcf.rc_max_intra_bitrate_pct) {
- unsigned int max_rate =
- cpi->per_frame_bandwidth * cpi->oxcf.rc_max_intra_bitrate_pct / 100;
+ unsigned int max_rate;
+ // This product may overflow unsigned int
+ uint64_t product = cpi->per_frame_bandwidth;
+ product *= cpi->oxcf.rc_max_intra_bitrate_pct;
+ product /= 100;
+ max_rate = (unsigned int)VPXMIN(INT_MAX, product);
if (target > max_rate) target = max_rate;
}
