fenix
/
fdk-aac
mirror of https://github.com/mstorsjo/fdk-aac.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix huffman decoder escape sequence length limitation. 

Test: atest DecoderTestXheAac ; atest DecoderTestAacDrc
Bug: 112661753

Change-Id: Ib05cc2c065739c27b9720a24f90d0ce4d15bf601
Merged-In: 62623d8d79
This commit is contained in:
Fraunhofer IIS FDK 2018-06-08 18:04:43 +02:00 committed by Jean-Michel Trivi
parent 78f80da872
commit f90be06503
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
libAACdec/src/block.cpp
View File

@ -127,9 +127,11 @@ amm-info@iis.fraunhofer.de
The function reads the escape sequence from the bitstream, The function reads the escape sequence from the bitstream,
if the absolute value of the quantized coefficient has the if the absolute value of the quantized coefficient has the
value 16. value 16.
A limitation is implemented to maximal 31 bits to prevent endless loops. A limitation is implemented to maximal 21 bits according to
If it strikes, MAX_QUANTIZED_VALUE + 1 is returned, independent of the sign of ISO/IEC 14496-3:2009(E) 4.6.3.3.
parameter q. This limits the escape prefix to a maximum of eight 1's.
If more than eight 1's are read, MAX_QUANTIZED_VALUE + 1 is
returned, independent of the sign of parameter q.
\return quantized coefficient \return quantized coefficient
*/ */
@ -139,11 +141,11 @@ LONG CBlock_GetEscape(HANDLE_FDK_BITSTREAM bs, /*!< pointer to bitstream */
if (fAbs(q) != 16) return (q); if (fAbs(q) != 16) return (q);
LONG i, off; LONG i, off;
for (i = 4; i < 32; i++) { for (i = 4; i < 13; i++) {
if (FDKreadBit(bs) == 0) break; if (FDKreadBit(bs) == 0) break;
} }
if (i == 32) return (MAX_QUANTIZED_VALUE + 1); if (i == 13) return (MAX_QUANTIZED_VALUE + 1);
off = FDKreadBits(bs, i); off = FDKreadBits(bs, i);
i = off + (1 << i); i = off + (1 << i);