fdk-aac

mirror of https://github.com/mstorsjo/fdk-aac.git synced 2025-02-22 13:37:43 +01:00

Author	SHA1	Message	Date
Fraunhofer IIS FDK	33ea26a8d9	Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395 Change-Id: Iddc8a0642d6a5bf1f84edb74f943b5dddd1fb7fd	2020-09-09 21:09:55 +00:00
Fraunhofer IIS FDK	f007f6a4bc	Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395 Change-Id: I85ffb1d0e64c206a805e36169e6d6b664924cc48	2020-09-09 21:09:29 +00:00
Fraunhofer IIS FDK	bb8f983bf3	Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). In the bug the SBR decoder has already set up 9 channels and tries to allocate one more channel. The assignment of the QMF channels to SBR channels fails since the QMF domain manages only 8+1 channels instead of 10 channels as reqeusted by SBR. Here we have added a check in sbrDecoder_InitElement() which will return with a parse error in case additional SBR channels would exceed the maximum number of SBR channels. This solves the potential heap buffer overflow. Bug: 158762825 Test: atest DecoderTestAacDrc DecoderTestAacFormat DecoderTestXheAac Change-Id: I0150ac6d5a47ffce883010f531928656eebc619e Merged-In: I0150ac6d5a47ffce883010f531928656eebc619e	2020-09-09 19:01:09 +00:00
Xin Li	7f7e67fe02	Merge Android R Bug: 168057903 Merged-In: Idcdb13a8c37b0b4b5446169c3e80dfe55586bc77 Change-Id: I29b7ae1003fb72aeb5fbf1fdfdceea849c1c12b8	2020-09-08 16:53:57 -07:00
Martin Storsjo	3a831a5fbc	Avoid undefined shifts in SATURATE_SHIFT Make sure that the shift amount is less than the size of the shifted value, otherwise return the saturation max values (for left shift, if the source values was nonzero) or zero (for right shift, or zero shifted left). Fixes: 24376/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-6529411206348800 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg	2020-09-02 12:56:41 +03:00
Xin Li	3f82e7e794	[automerger skipped] Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) am: 7a0dde5d5d -s ours am: 389ba21eed -s ours am: 016718d3fd -s ours am skip reason: Change-Id I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f with SHA-1 e0624f4c05 is in history Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12470067 Change-Id: If53b20173eefcedbe2a0eb7af822536437a97895	2020-09-01 22:10:11 +00:00
Xin Li	016718d3fd	[automerger skipped] Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) am: 7a0dde5d5d -s ours am: 389ba21eed -s ours am skip reason: Change-Id I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f with SHA-1 e0624f4c05 is in history Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12470067 Change-Id: I793eca95e3242a6c71ea4ae8e3592a906363c515	2020-09-01 21:46:55 +00:00
Xin Li	389ba21eed	[automerger skipped] Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) am: 7a0dde5d5d -s ours am skip reason: Change-Id I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f with SHA-1 e0624f4c05 is in history Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12470067 Change-Id: I96f0085bd119bdb9733ac647ffb40ee40893e931	2020-09-01 20:37:20 +00:00
Xin Li	7a0dde5d5d	Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) Bug: 166295507 Merged-In: I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f Change-Id: Idcdb13a8c37b0b4b5446169c3e80dfe55586bc77	2020-08-27 10:16:06 -07:00
Martin Storsjo	8439b745f6	Don't use an enum for a value read directly from the bitstream The enum doesn't cover all possible values read from the bitstream. This fixes undefined behaviour sanitizer errors. Fixes: 23719/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5111020367642624 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg	2020-07-17 22:51:34 +03:00
Jean-Michel Trivi	ef38dee702	Merge "Improve code coverage for aac_dec_fuzzer" am: 760e8921c2 am: 946a672b0f am: e0624f4c05 am: 73da86e336 Original change: https://android-review.googlesource.com/c/platform/external/aac/+/1324135 Change-Id: I68267add047f0ea432e5f83e1fbd5d673ba21715	2020-07-10 18:32:39 +00:00
Jean-Michel Trivi	73da86e336	Merge "Improve code coverage for aac_dec_fuzzer" am: 760e8921c2 am: 946a672b0f am: e0624f4c05 Original change: https://android-review.googlesource.com/c/platform/external/aac/+/1324135 Change-Id: Icfe1613791fb53502d99e3030dd9e9baa3fa5c33	2020-07-10 18:12:12 +00:00
Jean-Michel Trivi	e0624f4c05	Merge "Improve code coverage for aac_dec_fuzzer" am: 760e8921c2 am: 946a672b0f Original change: https://android-review.googlesource.com/c/platform/external/aac/+/1324135 Change-Id: I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f	2020-07-10 17:56:32 +00:00
Jean-Michel Trivi	946a672b0f	Merge "Improve code coverage for aac_dec_fuzzer" am: 760e8921c2 Original change: https://android-review.googlesource.com/c/platform/external/aac/+/1324135 Change-Id: I49925ff2d6e55f0def55bf012f7ff3f33cacea4e	2020-07-10 17:45:08 +00:00
Jean-Michel Trivi	760e8921c2	Merge "Improve code coverage for aac_dec_fuzzer"	2020-07-10 17:33:20 +00:00
Fraunhofer IIS FDK	c516539a20	Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). In the bug the SBR decoder has already set up 9 channels and tries to allocate one more channel. The assignment of the QMF channels to SBR channels fails since the QMF domain manages only 8+1 channels instead of 10 channels as reqeusted by SBR. Here we have added a check in sbrDecoder_InitElement() which will return with a parse error in case additional SBR channels would exceed the maximum number of SBR channels. This solves the potential heap buffer overflow. Bug: 158762825 Test: atest DecoderTestAacDrc DecoderTestAacFormat DecoderTestXheAac Merged-In: I0150ac6d5a47ffce883010f531928656eebc619e Change-Id: I8569a15214707ab622e986b34b4b917251495662	2020-07-09 08:56:14 -07:00
Fraunhofer IIS FDK	50aa5be388	[DO NOT MERGE] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). In the bug the SBR decoder has already set up 9 channels and tries to allocate one more channel. The assignment of the QMF channels to SBR channels fails since the QMF domain manages only 8+1 channels instead of 10 channels as reqeusted by SBR. Here we have added a check in sbrDecoder_InitElement() which will return with a parse error in case additional SBR channels would exceed the maximum number of SBR channels. This solves the potential heap buffer overflow. Bug: 158762825 Test: atest DecoderTestAacDrc DecoderTestXheAac Change-Id: I741f49ab3b675fa3d3217ee72e1db66b0114f7ee	2020-07-06 21:42:07 +00:00
Martin Storsjo	ec58a940e2	Avoid undefined shifts Fixes: 23522/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5468272958111744 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg	2020-06-22 13:28:10 +03:00
S Vasudev Prasad	c1a75279a1	Improve code coverage for aac_dec_fuzzer Test: ./aac_dec_fuzzer Bug: 158206619 Change-Id: I42d57ec832dbd273f66ce149ce81bfcb1c514add	2020-06-19 10:57:18 +05:30
Martin Storsjo	845febbb4a	Don't store a value read directly from the bitstream in an enum In this case, the enum only has one single allowed value, while the bitstream can contain a number of different values. Don't load the unchecked value into an enum variable, because storing the disallowed values in the enum variable is undefined behaviour. Instead store it in an int, until the value has been verified to be the allowed one. This fixes undefined behaviour sanitizer errors. Fixes: 23192/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5205702892322816 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg	2020-06-12 10:29:11 +03:00
Martin Storsjo	5aa57d3633	Don't use an enum for a value read directly from the bitstream The enum doesn't cover all possible values read from the bitstream. This fixes undefined behaviour sanitizer errors. Fixes: 22486/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5735284884111360 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg	2020-06-04 09:50:16 +03:00
android-build-team Robot	63d6409af1	Snap for 6544675 from ebc1030f65bb1e1e7dccf99e56a5d0221f097fdb to rvc-release Change-Id: Icd0e65b905da537b43498b94b7e4d0424837c9d1	2020-05-30 23:08:39 +00:00
Ray Essick	e445fffa0c	point to new repo hooks for mainline uploads am: ebc1030f65 am: 251785c993 am: c2d9dc1ab3 Change-Id: I69a934cab36df4088a1a53f9a9e5d171b4bbb7e9	2020-05-30 00:17:16 +00:00
Automerger Merge Worker	03f1989345	Merge "point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 am: da694cd595" into rvc-qpr-dev-plus-aosp	2020-05-30 00:16:39 +00:00
Ray Essick	f3944443a0	point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 am: da694cd595 Change-Id: If139bccabcd71a6c529e234d23ad454b061ae36c	2020-05-30 00:16:25 +00:00
Ray Essick	c329ddd2d9	point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 am: eeb1d2d3cf Change-Id: I1c4df033663d308ae24bc42d723ddf09f05b9de9	2020-05-30 00:16:12 +00:00
Ray Essick	c2d9dc1ab3	point to new repo hooks for mainline uploads am: ebc1030f65 am: 251785c993 Change-Id: I61510ab3a0a69acb70875ea8e3163fa7debcb18c	2020-05-30 00:03:25 +00:00
Ray Essick	eeb1d2d3cf	point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 Change-Id: I4af7365b2f0e59ecd52df4022faf4f7798932d7a	2020-05-30 00:03:07 +00:00
Ray Essick	da694cd595	point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 Change-Id: I04a039fe95ed1bdb9957a562cdfdb125c59ad090	2020-05-30 00:03:06 +00:00
Ray Essick	251785c993	point to new repo hooks for mainline uploads am: ebc1030f65 Change-Id: Ibaae6c3cebad3d20b19447824bc5433601081968	2020-05-29 23:49:26 +00:00
Ray Essick	ecae3c24b3	point to new repo hooks for mainline uploads am: ebc1030f65 Change-Id: I2f08b01ee76f7524fb041d8541847eb9b4832f14	2020-05-29 23:49:24 +00:00
Ray Essick	ebc1030f65	point to new repo hooks for mainline uploads Bug: 157501573 Test: upload Change-Id: I0e4764db6516d17a81dc5a31bf9d9427b2c570d6	2020-05-26 16:29:58 -07:00
Treehugger Robot	f4248aadbf	Merge "Fix license type s/b BY_EXCEPTION_ONLY" am: 86bd192796 am: e76ca4d9ac am: 6d5490018a am: 6313f8703e Change-Id: I0471f66a21267ba4059976e491d0489a74ba34a7	2020-05-21 23:16:09 +00:00
Treehugger Robot	6313f8703e	Merge "Fix license type s/b BY_EXCEPTION_ONLY" am: 86bd192796 am: e76ca4d9ac am: 6d5490018a Change-Id: I7b5c175a03532581aac39584dcd308eca401642a	2020-05-21 22:55:18 +00:00
Treehugger Robot	6d5490018a	Merge "Fix license type s/b BY_EXCEPTION_ONLY" am: 86bd192796 am: e76ca4d9ac Change-Id: Ia1d49e25596031c732021bccb2a86a03f3ad874c	2020-05-21 22:41:14 +00:00
Treehugger Robot	e76ca4d9ac	Merge "Fix license type s/b BY_EXCEPTION_ONLY" am: 86bd192796 Change-Id: If0646e3c2b9b9927a58811606fff28e432e6d303	2020-05-21 22:28:36 +00:00
Treehugger Robot	86bd192796	Merge "Fix license type s/b BY_EXCEPTION_ONLY"	2020-05-21 22:16:18 +00:00
Kris Alder	248c3a9e0a	Merge "Added fuzz_config field in aac_dec_fuzzer" am: 43fb529e06 am: f96c6f3a30 am: f60530f491 am: 194e249990 Change-Id: Ib567b1aeb584a8f820a455222322ece0686a5903	2020-05-21 20:55:53 +00:00
Kris Alder	194e249990	Merge "Added fuzz_config field in aac_dec_fuzzer" am: 43fb529e06 am: f96c6f3a30 am: f60530f491 Change-Id: I20727c08423682ca8c6d3fcfa680423375c02156	2020-05-21 20:35:45 +00:00
Kris Alder	f60530f491	Merge "Added fuzz_config field in aac_dec_fuzzer" am: 43fb529e06 am: f96c6f3a30 Change-Id: I4104bd7b4964dbd270cb614a164d426ecd24e0bf	2020-05-21 20:10:40 +00:00
Kris Alder	f96c6f3a30	Merge "Added fuzz_config field in aac_dec_fuzzer" am: 43fb529e06 Change-Id: I9cc973e862cfa58047cd1056488f64de4bf07abb	2020-05-21 19:54:30 +00:00
Bob Badour	92c9b7ea9a	Fix license type s/b BY_EXCEPTION_ONLY The Fraunhofer license has special requirements. Test: no code change Change-Id: I439354498c0a28d6ff078cea9a4f8e9bfc02145f	2020-05-21 12:49:18 -07:00
Kris Alder	43fb529e06	Merge "Added fuzz_config field in aac_dec_fuzzer"	2020-05-21 19:37:30 +00:00
Ayushi Khopkar	64e4f25b29	Added fuzz_config field in aac_dec_fuzzer Test: ./aac_dec_fuzzer Bug: 156871294 Change-Id: Idfc93a6f6c71a78c2b7759443161d8e75dfc4670	2020-05-19 11:59:34 +05:30
android-build-team Robot	d0f1ac8a7b	Snap for 6484097 from 71c477bae4e0b1bfad90fd4e4dbba496aa6d9c68 to rvc-release Change-Id: I4db69c7d577a0fde24cf10c01302118be83a29cd	2020-05-12 01:13:03 +00:00
Jooyung Han	3566a11cc1	[automerger skipped] Set min_sdk_version to be part of mainline modules am: 71c477bae4 am: b6b6120ac8 am: c658b5ab4b -s ours am skip reason: Change-Id I662ad951a3221f967b53e7af65cb203a4b4a5e5d with SHA-1 71c477bae4 is in history Change-Id: I73ce344f6f8287ec9d1a0565ae423a943de402e4	2020-05-11 08:52:50 +00:00
Jooyung Han	7ab81f83ab	[automerger skipped] Set min_sdk_version to be part of mainline modules am: 71c477bae4 -s ours am: d4b4152be0 -s ours am: d6b557a3b2 -s ours am skip reason: Change-Id I662ad951a3221f967b53e7af65cb203a4b4a5e5d with SHA-1 71c477bae4 is in history Change-Id: Ifccfe73cb7ba221ce16c67dee097b982575bed86	2020-05-11 08:52:40 +00:00
Jooyung Han	54b2057032	[automerger skipped] Set min_sdk_version to be part of mainline modules am: 71c477bae4 am: b6b6120ac8 -s ours am: fcd9348524 -s ours am skip reason: Change-Id I662ad951a3221f967b53e7af65cb203a4b4a5e5d with SHA-1 d40f05a618 is in history Change-Id: Ic8fee6c93a3913e20d8ce16e659777768ea3e81a	2020-05-11 08:52:32 +00:00
Jooyung Han	c658b5ab4b	Set min_sdk_version to be part of mainline modules am: 71c477bae4 am: b6b6120ac8 Change-Id: I81dccfd0a9790f4251f88ab9c14ca1827d72e388	2020-05-11 08:41:27 +00:00
Jooyung Han	d6b557a3b2	[automerger skipped] Set min_sdk_version to be part of mainline modules am: 71c477bae4 -s ours am: d4b4152be0 -s ours am skip reason: Change-Id I662ad951a3221f967b53e7af65cb203a4b4a5e5d with SHA-1 71c477bae4 is in history Change-Id: Ib0f01bde91a3b106189590c9fb4eda78ebbd3bcb	2020-05-11 08:41:19 +00:00

1 2 3 4 5 ...

1360 Commits