diff options
| author | Martin Storsjo <martin@martin.st> | 2020-01-09 10:21:19 +0200 |
|---|---|---|
| committer | Martin Storsjo <martin@martin.st> | 2020-01-09 10:26:25 +0200 |
| commit | 28fcbe9faed794a9d74aef529beb83386da1f4aa (patch) | |
| tree | f17c33eadafe29a790e969884660bae1d008064f /libDRCdec | |
| parent | 10fcf89a3ee22443ac47374c3fcbf0cf2eee7f07 (diff) | |
| download | fdk-aac-28fcbe9faed794a9d74aef529beb83386da1f4aa.tar.gz fdk-aac-28fcbe9faed794a9d74aef529beb83386da1f4aa.tar.bz2 fdk-aac-28fcbe9faed794a9d74aef529beb83386da1f4aa.zip | |
Don't use an enum for a value read directly from the bitstream
The enum only defined values 1-7, while the variable can be set
to any value between 0 and 15 that is read from the bitstream
by FDKreadBits(hBs, 4).
This fixes undefined behaviour sanitizer errors.
Fixes: 19500/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5730449188192256
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Diffstat (limited to 'libDRCdec')
| -rw-r--r-- | libDRCdec/src/drcDec_reader.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/libDRCdec/src/drcDec_reader.cpp b/libDRCdec/src/drcDec_reader.cpp index a784457..9b5403a 100644 --- a/libDRCdec/src/drcDec_reader.cpp +++ b/libDRCdec/src/drcDec_reader.cpp @@ -911,7 +911,7 @@ static void _skipEqCoefficients(HANDLE_FDK_BITSTREAM hBs) { firFilterOrder; int uniqueEqSubbandGainsCount, eqSubbandGainRepresentation, eqSubbandGainCount; - EQ_SUBBAND_GAIN_FORMAT eqSubbandGainFormat; + int eqSubbandGainFormat; eqDelayMaxPresent = FDKreadBits(hBs, 1); if (eqDelayMaxPresent) { @@ -952,7 +952,7 @@ static void _skipEqCoefficients(HANDLE_FDK_BITSTREAM hBs) { uniqueEqSubbandGainsCount = FDKreadBits(hBs, 6); if (uniqueEqSubbandGainsCount > 0) { eqSubbandGainRepresentation = FDKreadBits(hBs, 1); - eqSubbandGainFormat = (EQ_SUBBAND_GAIN_FORMAT)FDKreadBits(hBs, 4); + eqSubbandGainFormat = FDKreadBits(hBs, 4); switch (eqSubbandGainFormat) { case GF_QMF32: eqSubbandGainCount = 32; |