From 9744e41c40598c6a0b74440f3b5be63f9f3708a5 Mon Sep 17 00:00:00 2001 From: Fraunhofer IIS FDK Date: Fri, 8 Jun 2018 18:03:16 +0200 Subject: Prevent bit buffer counter overflow. While long-term test we discovered a bit counter overflow in the bit buffer. The bit buffer state was only used by HCR and RVLC tool and can easily be substituted with FDKgetValidBits() call. The following patch completely removes the bit counter and all its obsolete functions. Bug: 112662184 Test: atest DecoderTestXheAac ; atest DecoderTestAacDrc Change-Id: Icee0519d26a2aa62367d2dece59cd3d60ffcade7 (cherry picked from commit 15292f7e9620caf9e8df26a62efc2a2891ea822e) --- libAACdec/src/aacdec_hcr_bit.cpp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'libAACdec/src/aacdec_hcr_bit.cpp') diff --git a/libAACdec/src/aacdec_hcr_bit.cpp b/libAACdec/src/aacdec_hcr_bit.cpp index a53ef16..0198659 100644 --- a/libAACdec/src/aacdec_hcr_bit.cpp +++ b/libAACdec/src/aacdec_hcr_bit.cpp @@ -132,13 +132,14 @@ read direction. It is called very often, therefore it makes sense to inline it return: - bit from bitstream -------------------------------------------------------------------------------------------- */ -UINT HcrGetABitFromBitstream(HANDLE_FDK_BITSTREAM bs, INT *pLeftStartOfSegment, +UINT HcrGetABitFromBitstream(HANDLE_FDK_BITSTREAM bs, const INT bsAnchor, + INT *pLeftStartOfSegment, INT *pRightStartOfSegment, UCHAR readDirection) { UINT bit; INT readBitOffset; if (readDirection == FROM_LEFT_TO_RIGHT) { - readBitOffset = *pLeftStartOfSegment - FDKgetBitCnt(bs); + readBitOffset = (INT)FDKgetValidBits(bs) - bsAnchor + *pLeftStartOfSegment; if (readBitOffset) { FDKpushBiDirectional(bs, readBitOffset); } @@ -147,7 +148,7 @@ UINT HcrGetABitFromBitstream(HANDLE_FDK_BITSTREAM bs, INT *pLeftStartOfSegment, *pLeftStartOfSegment += 1; } else { - readBitOffset = *pRightStartOfSegment - FDKgetBitCnt(bs); + readBitOffset = (INT)FDKgetValidBits(bs) - bsAnchor + *pRightStartOfSegment; if (readBitOffset) { FDKpushBiDirectional(bs, readBitOffset); } -- cgit v1.2.3