aboutsummaryrefslogtreecommitdiffstats
path: root/libMpegTPDec/src/tpdec_asc.cpp
diff options
context:
space:
mode:
authorMartin Storsjo <martin@martin.st>2020-02-01 22:13:18 +0200
committerMartin Storsjo <martin@martin.st>2020-02-01 22:13:18 +0200
commite7d8591ff208803eee35dc289e89a0d69b707585 (patch)
treef740dfc37b3a439a40cbd41c995031bffb942c42 /libMpegTPDec/src/tpdec_asc.cpp
parentd47c2c625940d2bd62b0cd581605c5122c3d2cfd (diff)
downloadfdk-aac-e7d8591ff208803eee35dc289e89a0d69b707585.tar.gz
fdk-aac-e7d8591ff208803eee35dc289e89a0d69b707585.tar.bz2
fdk-aac-e7d8591ff208803eee35dc289e89a0d69b707585.zip
Don't use an enum for a value read directly from the bitstream
The enum doesn't cover all possible values read from the bitstream. This fixes undefined behaviour sanitizer errors. Fixes: 20376/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-4785514974806016.dms Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Diffstat (limited to 'libMpegTPDec/src/tpdec_asc.cpp')
-rw-r--r--libMpegTPDec/src/tpdec_asc.cpp4
1 files changed, 2 insertions, 2 deletions
diff --git a/libMpegTPDec/src/tpdec_asc.cpp b/libMpegTPDec/src/tpdec_asc.cpp
index 28bc22d..0f80a4b 100644
--- a/libMpegTPDec/src/tpdec_asc.cpp
+++ b/libMpegTPDec/src/tpdec_asc.cpp
@@ -1628,14 +1628,14 @@ static TRANSPORTDEC_ERROR configExtension(CSUsacConfig *usc,
TRANSPORTDEC_ERROR ErrorStatus = TRANSPORTDEC_OK;
int numConfigExtensions;
- CONFIG_EXT_ID usacConfigExtType;
+ int usacConfigExtType;
int usacConfigExtLength;
numConfigExtensions = (int)escapedValue(hBs, 2, 4, 8) + 1;
for (int confExtIdx = 0; confExtIdx < numConfigExtensions; confExtIdx++) {
INT nbits;
int loudnessInfoSetConfigExtensionPosition = FDKgetValidBits(hBs);
- usacConfigExtType = (CONFIG_EXT_ID)escapedValue(hBs, 4, 8, 16);
+ usacConfigExtType = escapedValue(hBs, 4, 8, 16);
usacConfigExtLength = (int)escapedValue(hBs, 4, 8, 16);
/* Start bit position of config extension */