From 9b0f848911068943bbadeb37c0b8857605e74093 Mon Sep 17 00:00:00 2001
From: Martin Storsjo <martin@martin.st>
Date: Thu, 15 Aug 2019 13:12:57 +0300
Subject: Avoid a failed assert on invalid channel indices

Fixes: 14914/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-6288430994030592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
---
 libPCMutils/src/pcmdmx_lib.cpp | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'libPCMutils/src')

diff --git a/libPCMutils/src/pcmdmx_lib.cpp b/libPCMutils/src/pcmdmx_lib.cpp
index 2070dbc..e3c3fa9 100644
--- a/libPCMutils/src/pcmdmx_lib.cpp
+++ b/libPCMutils/src/pcmdmx_lib.cpp
@@ -583,6 +583,9 @@ static PCMDMX_ERROR getChannelMode(
         (channelType[ch] & 0x0F) - 1,
         0); /* Assign all undefined channels (ACT_NONE) to front channels. */
 
+    if (channelIndices[ch] >= numCh[channelType[ch] >> 4][chGrp])
+      return PCMDMX_INVALID_CH_CONFIG;
+
     spkrPos[ch] = getSpeakerPos(channelType[ch], channelIndices[ch],
                                 numCh[channelType[ch] >> 4][chGrp]);
 
-- 
cgit v1.2.3