fenix/fdk-aac
1
0
Fork 0
mirror of https://github.com/mstorsjo/fdk-aac.git synced 2025-06-05 22:39:13 +02:00
Code Issues Projects Releases Wiki Activity

Don't use an enum for a value read directly from the bitstream

Browse Source 
The enum doesn't cover all possible values read from the bitstream.

This fixes undefined behaviour sanitizer errors.

Fixes: 23719/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5111020367642624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
This commit is contained in:
Martin Storsjo
2020-07-17 22:51:34 +03:00
parent ec58a940e2
commit 8439b745f6
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libMpegTPDec/src/tpdec_asc.cpp
View File

@@ -1546,8 +1546,7 @@ static TRANSPORTDEC_ERROR extElementConfig(CSUsacExtElementConfig *extElement,
const AUDIO_OBJECT_TYPE aot) {
TRANSPORTDEC_ERROR ErrorStatus = TRANSPORTDEC_OK;
USAC_EXT_ELEMENT_TYPE usacExtElementType =
(USAC_EXT_ELEMENT_TYPE)escapedValue(hBs, 4, 8, 16);
int usacExtElementType = escapedValue(hBs, 4, 8, 16);
/* recurve extension elements which are invalid for USAC */
if (aot == AOT_USAC) {
@@ -1564,7 +1563,7 @@ static TRANSPORTDEC_ERROR extElementConfig(CSUsacExtElementConfig *extElement,
}
}
extElement->usacExtElementType = usacExtElementType;
extElement->usacExtElementType = (USAC_EXT_ELEMENT_TYPE) usacExtElementType;
int usacExtElementConfigLength = escapedValue(hBs, 4, 8, 16);
extElement->usacExtElementConfigLength = (USHORT)usacExtElementConfigLength;
INT bsAnchor;