From ec58a940e2b6f9514d34973dcdaa18730394309a Mon Sep 17 00:00:00 2001
From: Martin Storsjo
Date: Mon, 22 Jun 2020 13:27:41 +0300
Subject: [PATCH] Avoid undefined shifts
Fixes: 23522/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5468272958111744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
---
 libAACdec/src/aacdec_hcr.cpp | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/libAACdec/src/aacdec_hcr.cpp b/libAACdec/src/aacdec_hcr.cpp
index 6114756..26fdd97 100644
--- a/libAACdec/src/aacdec_hcr.cpp
+++ b/libAACdec/src/aacdec_hcr.cpp
@@ -1423,6 +1423,9 @@ static INT DecodeEscapeSequence(HANDLE_FDK_BITSTREAM bs, const INT bsAnchor,
 sign = (quantSpecCoef >= 0) ? 1 : -1;
+ if (escapeOnesCounter > 30)
+ escapeOnesCounter = 30;
+
 quantSpecCoef = sign * (((INT)1 << escapeOnesCounter) + escape_word);
 return quantSpecCoef;
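Review bot: The clamp removes the undefined shift but leaves the addition unchecked: escape_word is used on the line after the new clamp and is presumably read earlier in DecodeEscapeSequence with a width derived from the unclamped counter (that read and the rest of the function are outside this hunk), so `((INT)1 << 30) + escape_word` can still exceed INT_MAX when escape_word carries more than 30 significant bits, which is signed overflow. A counter above 30 can only come from a malformed bitstream, so validating the counter before escape_word is read, and treating the excess as a decode error rather than silently producing a clamped coefficient, would be more robust than the post-hoc cap; please also document the magic number, e.g. `/* INT is 32 bits: shifting 1 into bit 31 is undefined, so cap the shift count */`. If the project already defines an error path for this function, returning through it here would avoid emitting a bogus coefficient from corrupt input.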