vp8,GetSigned: silence unsigned int overflow warning
authorJames Zern <jzern@google.com>
Sat, 15 Feb 2020 01:36:47 +0000 (17:36 -0800)
committerJames Zern <jzern@google.com>
Sat, 15 Feb 2020 04:44:26 +0000 (20:44 -0800)
in non-conformant fuzzed bitstreams the calculation of br->value may
overflow. this is defined behavior and harmless in that the stream is
already corrupt.

BUG=b/148271109

Change-Id: I3668ada57e0bd68cea86b82917fb03c19ac1283d

vp8/decoder/detokenize.c

index b350bafbc5d9fed22360e3b878c853e993644352..1c77873f0bc52a09e7e3171b0484764a84ed70fd 100644 (file)
@@ -11,6 +11,7 @@
 #include "vp8/common/blockd.h"
 #include "onyxd_int.h"
 #include "vpx_mem/vpx_mem.h"
+#include "vpx_ports/compiler_attributes.h"
 #include "vpx_ports/mem.h"
 #include "detokenize.h"
 
@@ -52,7 +53,10 @@ static const uint8_t kZigzag[16] = { 0, 1,  4,  8,  5, 2,  3,  6,
 /* for const-casting */
 typedef const uint8_t (*ProbaArray)[NUM_CTX][NUM_PROBAS];
 
-static int GetSigned(BOOL_DECODER *br, int value_to_sign) {
+// With corrupt / fuzzed streams the calculation of br->value may overflow. See
+// b/148271109.
+static VPX_NO_UNSIGNED_OVERFLOW_CHECK int GetSigned(BOOL_DECODER *br,
+                                                    int value_to_sign) {
   int split = (br->range + 1) >> 1;
   VP8_BD_VALUE bigsplit = (VP8_BD_VALUE)split << (VP8_BD_VALUE_SIZE - 8);
   int v;
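Review bot: The new comment on GetSigned says the br->value calculation "may overflow" but does not name the expression that wraps or say why the wrapped value is safe, and VPX_NO_UNSIGNED_OVERFLOW_CHECK silences the check for the whole function, so any unsigned wrap added here later would also go unreported in fuzzing builds. The update to br->value lies below the hunk's last line, so this is inferred from the commit message rather than from visible code. I would extend the comment to state the expected wrap and its limits, for example `// Only the br->value update is expected to wrap (unsigned, well defined); the result is not used as an index or size.`, provided that claim holds for the rest of the body. The reference `b/148271109` looks like an internal tracker id, so the comment should carry the reasoning itself rather than rely on the link.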