From fb2479d1dacc5f05bc9723791cbf1e1ad3f1121c Mon Sep 17 00:00:00 2001
From: Vincent Penquerc'h <vincent.penquerch@collabora.co.uk>
Date: Tue, 16 Aug 2011 10:02:11 +0100
Subject: [PATCH] aiffmux: avoid integer overflow

These values are 32 bits, and width is a multiple of 8.

https://bugzilla.gnome.org/show_bug.cgi?id=654278
---
 gst/aiff/aiffmux.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gst/aiff/aiffmux.c b/gst/aiff/aiffmux.c
index 39770cf2e3..6119cca588 100644
--- a/gst/aiff/aiffmux.c
+++ b/gst/aiff/aiffmux.c
@@ -236,7 +236,7 @@ gst_aiff_mux_write_comm_header (GstAiffMux * aiffmux, guint audio_data_size,
   gst_byte_writer_put_uint16_be (writer, aiffmux->channels);
   /* numSampleFrames value will be overwritten when known */
   gst_byte_writer_put_uint32_be (writer,
-      (audio_data_size * 8) / (aiffmux->width * aiffmux->channels));
+      audio_data_size / (aiffmux->width / 8 * aiffmux->channels));
   gst_byte_writer_put_uint16_be (writer, aiffmux->depth);
   gst_aiff_mux_write_ext (writer, aiffmux->rate);
 }