author | Martin Storsjo <martin@martin.st> | 2017-06-07 15:29:59 +0300 |
---|---|---|
committer | Martin Storsjo <martin@martin.st> | 2017-06-12 23:44:59 +0300 |
commit | 39e13c1acbca94f562f9776e1555ced50dd0dfcd (patch) | |
tree | 50d5a6a78d36b89dda17bb4c05aec01184443ae0 | |
parent | d2fa9750d5f5cc5099ed616f762aad36cf2d3e9a (diff) | |
download | fdk-aac-39e13c1acbca94f562f9776e1555ced50dd0dfcd.tar.gz fdk-aac-39e13c1acbca94f562f9776e1555ced50dd0dfcd.tar.bz2 fdk-aac-39e13c1acbca94f562f9776e1555ced50dd0dfcd.zip |
Fix "Stack-buffer-overflow in FDKmemset"
This probably doesn't fix the root cause, but at least fixes
the issues found in this particular fuzzed sample.
Fixes: 1973/clusterfuzz-testcase-minimized-6319232084082688
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
-rw-r--r-- | libFDK/src/qmf.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/libFDK/src/qmf.cpp b/libFDK/src/qmf.cpp
index 54526dd..13e6ff2 100644
--- a/libFDK/src/qmf.cpp
+++ b/libFDK/src/qmf.cpp
@@ -791,6 +791,10 @@ qmfInverseModulationHQ( HANDLE_QMF_FILTER_BANK synQmf, /*!< Handle of Qmf Synth
 scaleValues(&tImag[0+synQmf->lsb], &qmfImag[0+synQmf->lsb], synQmf->usb-synQmf->lsb, scaleFactorHighBand);
 }
 
+ if (synQmf->usb >= synQmf->no_channels) {
+ return;
+ }
+
 FDKmemclear(&tReal[synQmf->usb], (synQmf->no_channels-synQmf->usb)*sizeof(FIXP_QMF));
 FDKmemclear(&tImag[synQmf->usb], (synQmf->no_channels-synQmf->usb)*sizeof(FIXP_QMF));
 
|
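Review bot: The new guard uses `>=`, so the case usb == no_channels — where the two FDKmemclear calls would clear zero bytes and were harmless — now returns early and skips whatever the function does after them; if further synthesis steps follow the memclear calls (qmfInverseModulationHQ starts before and continues past this hunk), that silently drops a valid full-band input, and `if (synQmf->usb > synQmf->no_channels) {` would keep the overflow protection without that regression. The guard also sits below the scaleValues calls, which already take `synQmf->usb-synQmf->lsb` as their length and index tImag/qmfImag with lsb, so an out-of-range usb is presumably used for writes before the check fires; validating usb against no_channels where it is set, or at the top of the function, would cover that path as well. A one-line comment on the guard would help future readers, e.g. `/* usb beyond no_channels would make the FDKmemclear length negative (huge as size_t); reject rather than overrun tReal/tImag */`.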