From 21cb19455c08555431eb7b4a942df6a9f64c0941 Mon Sep 17 00:00:00 2001 From: Martin Storsjo Date: Wed, 7 Jun 2017 16:17:59 +0300 Subject: [PATCH] Don't try to read a negative number of bits Fixes: 1919/clusterfuzz-testcase-minimized-5021082513833984 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg --- libSBRdec/src/psbitdec.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libSBRdec/src/psbitdec.cpp b/libSBRdec/src/psbitdec.cpp index 29bddf7..ec6e484 100644 --- a/libSBRdec/src/psbitdec.cpp +++ b/libSBRdec/src/psbitdec.cpp @@ -498,7 +498,7 @@ ReadPsData (HANDLE_PS_DEC h_ps_d, /*!< handle to struct PS_DEC */ h_ps_d->bPsDataAvail[h_ps_d->bsReadSlot] = ppt_none; /* discard all remaining bits */ nBitsLeft -= startbits - FDKgetValidBits(hBitBuf); - while (nBitsLeft) { + while (nBitsLeft > 0) { int i = nBitsLeft; if (i>8) { i = 8;