From 6fb90905e2c5e42e19484046757fd098df2c6fcf Mon Sep 17 00:00:00 2001
From: Martin Panter
Date: Tue, 19 Jul 2016 03:05:42 +0000
Subject: [PATCH] Issue #1621: Avoid signed int negation overflow in audioop
---
 Misc/NEWS | 2 ++
 Modules/audioop.c | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/Misc/NEWS b/Misc/NEWS
index 621f7e5e595..911a29ead20 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -26,6 +26,8 @@ Core and Builtins
 Library
 -------

+- Issue #1621: Avoid signed int negation overflow in the "audioop" module.
+
 - Issue #27533: Release GIL in nt._isdir

 - Issue #17711: Fixed unpickling by the persistent ID with protocol 0.
diff --git a/Modules/audioop.c b/Modules/audioop.c
index 8ca64c6956c..ed1eca3c1d7 100644
--- a/Modules/audioop.c
+++ b/Modules/audioop.c
@@ -446,7 +446,9 @@ audioop_max_impl(PyObject *module, Py_buffer *fragment, int width)
 return NULL;
 for (i = 0; i < fragment->len; i += width) {
 int val = GETRAWSAMPLE(width, fragment->buf, i);
- if (val < 0) absval = (-val);
+ /* Cast to unsigned before negating. Unsigned overflow is well-
+ defined, but signed overflow is not. */
+ if (val < 0) absval = -(unsigned int)val;
 else absval = val;
 if (absval > max) max = absval;
 }
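Review bot: The cast in `if (val < 0) absval = -(unsigned int)val;` only removes the undefined behaviour if `absval` and `max` are themselves unsigned. Their declarations sit above the hunk in `audioop_max_impl`, so that should be confirmed, because storing 2**31 back into an `int` would be implementation-defined rather than fixed. The comment would help more if it named the triggering input, e.g. `/* val can be INT_MIN (presumably for 4-byte samples), so negate as unsigned: -INT_MIN overflows int. */`. The diffstat shows this as the only code change in Modules/audioop.c, so any other place in the file that negates a raw sample read from the caller-supplied fragment would need the same cast. The function body starts and ends outside the hunk.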