From 39e13c1acbca94f562f9776e1555ced50dd0dfcd Mon Sep 17 00:00:00 2001
From: Martin Storsjo <martin@martin.st>
Date: Wed, 7 Jun 2017 15:29:59 +0300
Subject: Fix "Stack-buffer-overflow in FDKmemset"

This probably doesn't fix the root cause, but at least fixes
the issues found in this particular fuzzed sample.

Fixes: 1973/clusterfuzz-testcase-minimized-6319232084082688

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
---
 libFDK/src/qmf.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libFDK/src/qmf.cpp b/libFDK/src/qmf.cpp
index 54526dd..13e6ff2 100644
--- a/libFDK/src/qmf.cpp
+++ b/libFDK/src/qmf.cpp
@@ -791,6 +791,10 @@ qmfInverseModulationHQ( HANDLE_QMF_FILTER_BANK synQmf,  /*!< Handle of Qmf Synth
     scaleValues(&tImag[0+synQmf->lsb], &qmfImag[0+synQmf->lsb], synQmf->usb-synQmf->lsb, scaleFactorHighBand);
   }
 
+  if (synQmf->usb >= synQmf->no_channels) {
+    return;
+  }
+
   FDKmemclear(&tReal[synQmf->usb], (synQmf->no_channels-synQmf->usb)*sizeof(FIXP_QMF));
   FDKmemclear(&tImag[synQmf->usb], (synQmf->no_channels-synQmf->usb)*sizeof(FIXP_QMF));
 
-- 
cgit v1.2.3