From 64bd48e21b42107fe93ac8bc0fb8cc24bb8643df Mon Sep 17 00:00:00 2001 From: liuchao Date: Thu, 23 Feb 2017 12:05:54 +0800 Subject: [PATCH] Fix not properly handled NULL-pointer access before check in aac lib 1) Fixes some potential NULL-pointer access in case input pointer is passed NULL 2) Modified some for lazy init Test: mm -j 8 Change-Id: I7fca97e1d9f70d8e8c1533b519181af35a5468f7 --- libAACdec/src/aacdecoder_lib.cpp | 19 ++++++------------- libAACenc/src/metadata_main.cpp | 10 ++++------ 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/libAACdec/src/aacdecoder_lib.cpp b/libAACdec/src/aacdecoder_lib.cpp index 8863da5..50efb0f 100644 --- a/libAACdec/src/aacdecoder_lib.cpp +++ b/libAACdec/src/aacdecoder_lib.cpp @@ -791,36 +791,29 @@ LINKSPEC_CPP AAC_DECODER_ERROR aacDecoder_DecodeFrame( const UINT flags) { AAC_DECODER_ERROR ErrorStatus; - INT layer; - INT nBits; - INT interleaved = self->outputInterleaved; - HANDLE_FDK_BITSTREAM hBs; int fTpInterruption = 0; /* Transport originated interruption detection. */ int fTpConceal = 0; /* Transport originated concealment. */ - INT_PCM *pTimeData = NULL; - INT timeDataSize = 0; - if (self == NULL) { return AAC_DEC_INVALID_HANDLE; } - - pTimeData = self->pcmOutputBuffer; - timeDataSize = sizeof(self->pcmOutputBuffer)/sizeof(*self->pcmOutputBuffer); + INT interleaved = self->outputInterleaved; + INT_PCM *pTimeData = self->pcmOutputBuffer; + INT timeDataSize = sizeof(self->pcmOutputBuffer)/sizeof(*self->pcmOutputBuffer); if (flags & AACDEC_INTR) { self->streamInfo.numLostAccessUnits = 0; } - hBs = transportDec_GetBitstream(self->hInput, 0); + HANDLE_FDK_BITSTREAM hBs = transportDec_GetBitstream(self->hInput, 0); /* Get current bits position for bitrate calculation. */ - nBits = FDKgetValidBits(hBs); + INT nBits = FDKgetValidBits(hBs); if (! (flags & (AACDEC_CONCEAL | AACDEC_FLUSH) ) ) { TRANSPORTDEC_ERROR err; - for(layer = 0; layer < self->nrOfLayers; layer++) + for(INT layer = 0; layer < self->nrOfLayers; layer++) { err = transportDec_ReadAccessUnit(self->hInput, layer); if (err != TRANSPORTDEC_OK) { diff --git a/libAACenc/src/metadata_main.cpp b/libAACenc/src/metadata_main.cpp index e920793..90f8f4e 100644 --- a/libAACenc/src/metadata_main.cpp +++ b/libAACenc/src/metadata_main.cpp @@ -488,14 +488,12 @@ static FDK_METADATA_ERROR ProcessCompressor( { FDK_METADATA_ERROR err = METADATA_OK; - INT dynrng, compr; - DRC_PROFILE profileDrc = convertProfile(pMetadata->mpegDrc.drc_profile); - DRC_PROFILE profileComp = convertProfile(pMetadata->etsiAncData.comp_profile); - if ( (pMetadata==NULL) || (hDrcComp==NULL) ) { err = METADATA_INVALID_HANDLE; return err; } + DRC_PROFILE profileDrc = convertProfile(pMetadata->mpegDrc.drc_profile); + DRC_PROFILE profileComp = convertProfile(pMetadata->etsiAncData.comp_profile); /* first, check if profile is same as last frame * otherwise, update setup */ @@ -511,8 +509,8 @@ static FDK_METADATA_ERROR ProcessCompressor( } /* in case of embedding external values, copy this now (limiter may overwrite them) */ - dynrng = decodeDynrng(pMetadata->mpegDrc.dyn_rng_ctl[0], pMetadata->mpegDrc.dyn_rng_sgn[0]); - compr = decodeCompr(pMetadata->etsiAncData.compression_value); + INT dynrng = decodeDynrng(pMetadata->mpegDrc.dyn_rng_ctl[0], pMetadata->mpegDrc.dyn_rng_sgn[0]); + INT compr = decodeCompr(pMetadata->etsiAncData.compression_value); /* Call compressor */ if (FDK_DRC_Generator_Calc(hDrcComp,