fenix/fdk-aac
1
0
Fork 0
mirror of https://github.com/mstorsjo/fdk-aac.git synced 2025-06-05 22:39:13 +02:00
Code Issues Projects Releases Wiki Activity

Don't use enums for values read directly from the bitstream

Browse Source 
The enums don't cover all possible values read from the bitstream.

This fixes undefined behaviour sanitizer errors.

Fixes: 31011/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-4981228811976704

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
This commit is contained in:
Martin Storsjo
2021-04-23 16:07:42 +03:00
parent 5329a829a0
commit b0789a3438
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libFDK/src/nlc_dec.cpp
View File

@@ -568,7 +568,7 @@ bail:
static ERROR_t huff_decode(HANDLE_FDK_BITSTREAM strm, SCHAR* out_data_1, static ERROR_t huff_decode(HANDLE_FDK_BITSTREAM strm, SCHAR* out_data_1,
SCHAR* out_data_2, DATA_TYPE data_type, SCHAR* out_data_2, DATA_TYPE data_type,
DIFF_TYPE diff_type_1, DIFF_TYPE diff_type_2, DIFF_TYPE diff_type_1, DIFF_TYPE diff_type_2,
int num_val, CODING_SCHEME* cdg_scheme, int ldMode) { int num_val, int* cdg_scheme, int ldMode) {
ERROR_t err = HUFFDEC_OK; ERROR_t err = HUFFDEC_OK;
DIFF_TYPE diff_type; DIFF_TYPE diff_type;
@@ -597,14 +597,14 @@ static ERROR_t huff_decode(HANDLE_FDK_BITSTREAM strm, SCHAR* out_data_1,
/* Coding scheme */ /* Coding scheme */
data = FDKreadBits(strm, 1); data = FDKreadBits(strm, 1);
*cdg_scheme = (CODING_SCHEME)(data << PAIR_SHIFT); *cdg_scheme = (data << PAIR_SHIFT);
if (*cdg_scheme >> PAIR_SHIFT == HUFF_2D) { if (*cdg_scheme >> PAIR_SHIFT == HUFF_2D) {
if ((out_data_1 != NULL) && (out_data_2 != NULL) && (ldMode == 0)) { if ((out_data_1 != NULL) && (out_data_2 != NULL) && (ldMode == 0)) {
data = FDKreadBits(strm, 1); data = FDKreadBits(strm, 1);
*cdg_scheme = (CODING_SCHEME)(*cdg_scheme | data); *cdg_scheme = (*cdg_scheme | data);
} else { } else {
*cdg_scheme = (CODING_SCHEME)(*cdg_scheme | FREQ_PAIR); *cdg_scheme = (*cdg_scheme | FREQ_PAIR);
} }
} }
@@ -843,7 +843,7 @@ ERROR_t EcDataPairDec(DECODER_TYPE DECODER, HANDLE_FDK_BITSTREAM strm,
SCHAR* pDataVec[2] = {NULL, NULL}; SCHAR* pDataVec[2] = {NULL, NULL};
DIFF_TYPE diff_type[2] = {DIFF_FREQ, DIFF_FREQ}; DIFF_TYPE diff_type[2] = {DIFF_FREQ, DIFF_FREQ};
CODING_SCHEME cdg_scheme = HUFF_1D; int cdg_scheme = HUFF_1D;
DIRECTION direction = BACKWARDS; DIRECTION direction = BACKWARDS;
switch (data_type) { switch (data_type) {