[Backport] Security bug 906739

Backport of original patch by Sam Zackrisson <saza@webrtc.org>:
Change the type of indW32 back to int32_t

It was changed to size_t in https://codereview.webrtc.org/1227163003,
which makes sense if the pitch lags in the code are also guaranteed
to be non-negative. Otherwise, integer wraparounds may happen, which
causes the code to circumvent the check for too low values here:
https://cs.chromium.org/chromium/src/third_party/webrtc/modules/audio_coding/codecs/isac/fix/source/pitch_filter.c?q=webrtcisacfix_pitchfilter&sq=package:chromium&g=0&l=112

Bug: chromium:906379
Change-Id: Ia9711fdba80f091f86230cc84629406500e8e232
Reviewed-on: https://webrtc-review.googlesource.com/c/113810
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>

1 files changed, 2 insertions, 2 deletions

diff --git a/chromium/third_party/webrtc/modules/audio_coding/codecs/isac/fix/source/pitch_filter.c b/chromium/third_party/webrtc/modules/audio_coding/codecs/isac/fix/source/pitch_filter.c
index e565e8564b1..56187e48308 100644
--- a/chromium/third_party/webrtc/modules/audio_coding/codecs/isac/fix/source/pitch_filter.c
+++ b/chromium/third_party/webrtc/modules/audio_coding/codecs/isac/fix/source/pitch_filter.c
@@ -9,7 +9,6 @@
  */
 
 #include "modules/audio_coding/codecs/isac/fix/source/pitch_estimator.h"
-
 #include "common_audio/signal_processing/include/signal_processing_library.h"
 #include "modules/audio_coding/codecs/isac/fix/source/settings.h"
 #include "modules/audio_coding/codecs/isac/fix/source/structs.h"
@@ -55,7 +54,8 @@ void WebRtcIsacfix_PitchFilter(int16_t* indatQQ, // Q10 if type is 1 or 4,
   const int16_t Gain = 21299;     // 1.3 in Q14
   int16_t oldLagQ7;
   int16_t oldGainQ12, lagdeltaQ7, curLagQ7, gaindeltaQ12, curGainQ12;
-  size_t indW32 = 0, frcQQ = 0;
+  size_t frcQQ = 0;
+  int32_t indW32 = 0
   const int16_t* fracoeffQQ = NULL;
 
   // Assumptions in ARM assembly for WebRtcIsacfix_PitchFilterCoreARM().