fenix/fdk-aac
1
0
Fork 0
mirror of https://github.com/mstorsjo/fdk-aac.git synced 2025-02-16 19:30:34 +01:00
Code Issues Projects Releases Wiki Activity
1,325 Commits 10 Branches 11 Tags
Commit Graph

1325 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Fraunhofer IIS FDK
a3d45a6804 [automerger skipped] [DO NOT MERGE] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: 50aa5be388 am: 0468e02e5b am: d20df7ee14 -s ours am: 80ebc985fb -s ours am: 035cf671b8 am: ce38f54339 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12088847

Change-Id: Ie337579b14a76c90016c6866d58422816d61ea0a
 2020-09-09 23:00:01 +00:00
Fraunhofer IIS FDK
971b630c47 [automerger skipped] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: c516539a20 am: 17dd8dfad9 am: 8336b89345 -s ours 
am skip reason: Change-Id I0150ac6d5a47ffce883010f531928656eebc619e with SHA-1 bb8f983bf3 is in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12091300

Change-Id: I5c2fc3f0ac04e75766a7f7141a6900f167023088
 2020-09-09 22:59:55 +00:00
Fraunhofer IIS FDK
ce38f54339 [automerger skipped] [DO NOT MERGE] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: 50aa5be388 am: 0468e02e5b am: d20df7ee14 -s ours am: 80ebc985fb -s ours am: 035cf671b8 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12088847

Change-Id: I8be6b18443220d62f6f0241003080db5da857e61
 2020-09-09 22:32:10 +00:00
Fraunhofer IIS FDK
8336b89345 Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: c516539a20 am: 17dd8dfad9 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12091300

Change-Id: I6162868554166db622bc72fb47a9cc61aaa51881
 2020-09-09 22:32:05 +00:00
Fraunhofer IIS FDK
035cf671b8 [automerger skipped] [DO NOT MERGE] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: 50aa5be388 am: 0468e02e5b am: d20df7ee14 -s ours am: 80ebc985fb -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12088847

Change-Id: I9a57636513443249a25c6789ed2eb975cf91b45c
 2020-09-09 22:02:20 +00:00
Fraunhofer IIS FDK
17dd8dfad9 Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: c516539a20 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12091300

Change-Id: I41058bf1a076509c564defa70247dcbfa91c64d0
 2020-09-09 22:02:14 +00:00
Fraunhofer IIS FDK
80ebc985fb [automerger skipped] [DO NOT MERGE] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: 50aa5be388 am: 0468e02e5b am: d20df7ee14 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12088847

Change-Id: Iad32917ed1a93b0a8749e6cad3555481a570943d
 2020-09-09 21:55:03 +00:00
Fraunhofer IIS FDK
008ee33f53 [automerger skipped] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 am: f007f6a4bc am: 3cc9889e23 -s ours 
am skip reason: Change-Id I0150ac6d5a47ffce883010f531928656eebc619e with SHA-1 bb8f983bf3 is in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395

Change-Id: Idc492802d1f451c4ca1acd78ac83234f20183f29
 2020-09-09 21:54:59 +00:00
Fraunhofer IIS FDK
ad07d8d7a7 [automerger skipped] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 am: 33ea26a8d9 -s ours am: 87f3b1561f -s ours 
am skip reason: Change-Id I0150ac6d5a47ffce883010f531928656eebc619e with SHA-1 bb8f983bf3 is in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395

Change-Id: I2492f6df370ca3c624ed826bfa7966cfe640b824
 2020-09-09 21:54:46 +00:00
Fraunhofer IIS FDK
11b611293f Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 am: f007f6a4bc am: a5a3ef611c 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395

Change-Id: I19cbfb6b908a878ce59e8c6869ba9c5957d10075
 2020-09-09 21:54:26 +00:00
Fraunhofer IIS FDK
d20df7ee14 [DO NOT MERGE] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: 50aa5be388 am: 0468e02e5b 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12088847

Change-Id: I0f5863139bc848401b905625fdc572793755b8cf
 2020-09-09 21:44:15 +00:00
Fraunhofer IIS FDK
87f3b1561f [automerger skipped] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 am: 33ea26a8d9 -s ours 
am skip reason: Change-Id I0150ac6d5a47ffce883010f531928656eebc619e with SHA-1 bb8f983bf3 is in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395

Change-Id: I9493bb636397e8d30f8eb7f71ff67b7578df0da6
 2020-09-09 21:37:34 +00:00
Fraunhofer IIS FDK
a5a3ef611c Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 am: f007f6a4bc 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395

Change-Id: I28c773eab019d0e518d34a26a9493811c8c1afea
 2020-09-09 21:37:22 +00:00
Fraunhofer IIS FDK
3cc9889e23 Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 am: f007f6a4bc 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395

Change-Id: Ic8c0828dd43d16559e13acd4204bddc26d2e249d
 2020-09-09 21:37:07 +00:00
Fraunhofer IIS FDK
0468e02e5b [DO NOT MERGE] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: 50aa5be388 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12088847

Change-Id: I40c07a02e1528540b24a5380cff1249ed5076193
 2020-09-09 21:29:48 +00:00
Fraunhofer IIS FDK
33ea26a8d9 Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395

Change-Id: Iddc8a0642d6a5bf1f84edb74f943b5dddd1fb7fd
 2020-09-09 21:09:55 +00:00
Fraunhofer IIS FDK
f007f6a4bc Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). am: bb8f983bf3 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12087395

Change-Id: I85ffb1d0e64c206a805e36169e6d6b664924cc48
 2020-09-09 21:09:29 +00:00
Fraunhofer IIS FDK
bb8f983bf3 Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). 
In the bug the SBR decoder has already set up 9 channels and tries to
allocate one more channel. The assignment of the QMF channels to SBR
channels fails since the QMF domain manages only 8+1 channels instead
of 10 channels as reqeusted by SBR.
Here we have added a check in sbrDecoder_InitElement() which will
return with a parse error in case additional SBR channels would exceed
the maximum number of SBR channels. This solves the potential heap
buffer overflow.

Bug: 158762825
Test: atest DecoderTestAacDrc DecoderTestAacFormat DecoderTestXheAac
Change-Id: I0150ac6d5a47ffce883010f531928656eebc619e
Merged-In: I0150ac6d5a47ffce883010f531928656eebc619e
 2020-09-09 19:01:09 +00:00
Xin Li
7f7e67fe02 Merge Android R 
Bug: 168057903
Merged-In: Idcdb13a8c37b0b4b5446169c3e80dfe55586bc77
Change-Id: I29b7ae1003fb72aeb5fbf1fdfdceea849c1c12b8
 2020-09-08 16:53:57 -07:00
Martin Storsjo
3a831a5fbc Avoid undefined shifts in SATURATE_SHIFT 
Make sure that the shift amount is less than the size of the shifted
value, otherwise return the saturation max values (for left shift, if
the source values was nonzero) or zero (for right shift, or zero
shifted left).

Fixes: 24376/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-6529411206348800

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
 2020-09-02 12:56:41 +03:00
Xin Li
3f82e7e794 [automerger skipped] Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) am: 7a0dde5d5d -s ours am: 389ba21eed -s ours am: 016718d3fd -s ours 
am skip reason: Change-Id I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f with SHA-1 e0624f4c05 is in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12470067

Change-Id: If53b20173eefcedbe2a0eb7af822536437a97895
 2020-09-01 22:10:11 +00:00
Xin Li
016718d3fd [automerger skipped] Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) am: 7a0dde5d5d -s ours am: 389ba21eed -s ours 
am skip reason: Change-Id I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f with SHA-1 e0624f4c05 is in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12470067

Change-Id: I793eca95e3242a6c71ea4ae8e3592a906363c515
 2020-09-01 21:46:55 +00:00
Xin Li
389ba21eed [automerger skipped] Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) am: 7a0dde5d5d -s ours 
am skip reason: Change-Id I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f with SHA-1 e0624f4c05 is in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/aac/+/12470067

Change-Id: I96f0085bd119bdb9733ac647ffb40ee40893e931
 2020-09-01 20:37:20 +00:00
Xin Li
7a0dde5d5d Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) 
Bug: 166295507
Merged-In: I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f
Change-Id: Idcdb13a8c37b0b4b5446169c3e80dfe55586bc77
 2020-08-27 10:16:06 -07:00
Martin Storsjo
8439b745f6 Don't use an enum for a value read directly from the bitstream 
The enum doesn't cover all possible values read from the bitstream.

This fixes undefined behaviour sanitizer errors.

Fixes: 23719/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5111020367642624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
 2020-07-17 22:51:34 +03:00
Jean-Michel Trivi
ef38dee702 Merge "Improve code coverage for aac_dec_fuzzer" am: 760e8921c2 am: 946a672b0f am: e0624f4c05 am: 73da86e336 
Original change: https://android-review.googlesource.com/c/platform/external/aac/+/1324135

Change-Id: I68267add047f0ea432e5f83e1fbd5d673ba21715
 2020-07-10 18:32:39 +00:00
Jean-Michel Trivi
73da86e336 Merge "Improve code coverage for aac_dec_fuzzer" am: 760e8921c2 am: 946a672b0f am: e0624f4c05 
Original change: https://android-review.googlesource.com/c/platform/external/aac/+/1324135

Change-Id: Icfe1613791fb53502d99e3030dd9e9baa3fa5c33
 2020-07-10 18:12:12 +00:00
Jean-Michel Trivi
e0624f4c05 Merge "Improve code coverage for aac_dec_fuzzer" am: 760e8921c2 am: 946a672b0f 
Original change: https://android-review.googlesource.com/c/platform/external/aac/+/1324135

Change-Id: I9bd31724ae68b9a0b3eb4bb5be3782359824aa1f
 2020-07-10 17:56:32 +00:00
Jean-Michel Trivi
946a672b0f Merge "Improve code coverage for aac_dec_fuzzer" am: 760e8921c2 
Original change: https://android-review.googlesource.com/c/platform/external/aac/+/1324135

Change-Id: I49925ff2d6e55f0def55bf012f7ff3f33cacea4e
 2020-07-10 17:45:08 +00:00
Jean-Michel Trivi
760e8921c2 Merge "Improve code coverage for aac_dec_fuzzer" 2020-07-10 17:33:20 +00:00
Fraunhofer IIS FDK
c516539a20 Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). 
In the bug the SBR decoder has already set up 9 channels and tries to
allocate one more channel. The assignment of the QMF channels to SBR
channels fails since the QMF domain manages only 8+1 channels instead
of 10 channels as reqeusted by SBR.
Here we have added a check in sbrDecoder_InitElement() which will
return with a parse error in case additional SBR channels would exceed
the maximum number of SBR channels. This solves the potential heap
buffer overflow.

Bug: 158762825
Test: atest DecoderTestAacDrc DecoderTestAacFormat DecoderTestXheAac
Merged-In: I0150ac6d5a47ffce883010f531928656eebc619e
Change-Id: I8569a15214707ab622e986b34b4b917251495662
 2020-07-09 08:56:14 -07:00
Fraunhofer IIS FDK
50aa5be388 [DO NOT MERGE] Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels(). 
In the bug the SBR decoder has already set up 9 channels and tries to
allocate one more channel. The assignment of the QMF channels to SBR
channels fails since the QMF domain manages only 8+1 channels instead
of 10 channels as reqeusted by SBR.
Here we have added a check in sbrDecoder_InitElement() which will
return with a parse error in case additional SBR channels would exceed
the maximum number of SBR channels. This solves the potential heap
buffer overflow.

Bug: 158762825
Test: atest DecoderTestAacDrc DecoderTestXheAac
Change-Id: I741f49ab3b675fa3d3217ee72e1db66b0114f7ee
 2020-07-06 21:42:07 +00:00
Martin Storsjo
ec58a940e2 Avoid undefined shifts 
Fixes: 23522/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5468272958111744

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
 2020-06-22 13:28:10 +03:00
S Vasudev Prasad
c1a75279a1 Improve code coverage for aac_dec_fuzzer 
Test: ./aac_dec_fuzzer
Bug: 158206619

Change-Id: I42d57ec832dbd273f66ce149ce81bfcb1c514add
 2020-06-19 10:57:18 +05:30
Martin Storsjo
845febbb4a Don't store a value read directly from the bitstream in an enum 
In this case, the enum only has one single allowed value, while the
bitstream can contain a number of different values.

Don't load the unchecked value into an enum variable, because
storing the disallowed values in the enum variable is undefined
behaviour. Instead store it in an int, until the value has been
verified to be the allowed one.

This fixes undefined behaviour sanitizer errors.

Fixes: 23192/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5205702892322816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
 2020-06-12 10:29:11 +03:00
Martin Storsjo
5aa57d3633 Don't use an enum for a value read directly from the bitstream 
The enum doesn't cover all possible values read from the bitstream.

This fixes undefined behaviour sanitizer errors.

Fixes: 22486/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer-5735284884111360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
 2020-06-04 09:50:16 +03:00
android-build-team Robot
63d6409af1 Snap for 6544675 from ebc1030f65bb1e1e7dccf99e56a5d0221f097fdb to rvc-release 
Change-Id: Icd0e65b905da537b43498b94b7e4d0424837c9d1
 2020-05-30 23:08:39 +00:00
Ray Essick
e445fffa0c point to new repo hooks for mainline uploads am: ebc1030f65 am: 251785c993 am: c2d9dc1ab3 
Change-Id: I69a934cab36df4088a1a53f9a9e5d171b4bbb7e9
 2020-05-30 00:17:16 +00:00
Automerger Merge Worker
03f1989345 Merge "point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 am: da694cd595" into rvc-qpr-dev-plus-aosp 2020-05-30 00:16:39 +00:00
Ray Essick
f3944443a0 point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 am: da694cd595 
Change-Id: If139bccabcd71a6c529e234d23ad454b061ae36c
 2020-05-30 00:16:25 +00:00
Ray Essick
c329ddd2d9 point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 am: eeb1d2d3cf 
Change-Id: I1c4df033663d308ae24bc42d723ddf09f05b9de9
 2020-05-30 00:16:12 +00:00
Ray Essick
c2d9dc1ab3 point to new repo hooks for mainline uploads am: ebc1030f65 am: 251785c993 
Change-Id: I61510ab3a0a69acb70875ea8e3163fa7debcb18c
 2020-05-30 00:03:25 +00:00
Ray Essick
eeb1d2d3cf point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 
Change-Id: I4af7365b2f0e59ecd52df4022faf4f7798932d7a
 2020-05-30 00:03:07 +00:00
Ray Essick
da694cd595 point to new repo hooks for mainline uploads am: ebc1030f65 am: ecae3c24b3 
Change-Id: I04a039fe95ed1bdb9957a562cdfdb125c59ad090
 2020-05-30 00:03:06 +00:00
Ray Essick
251785c993 point to new repo hooks for mainline uploads am: ebc1030f65 
Change-Id: Ibaae6c3cebad3d20b19447824bc5433601081968
 2020-05-29 23:49:26 +00:00
Ray Essick
ecae3c24b3 point to new repo hooks for mainline uploads am: ebc1030f65 
Change-Id: I2f08b01ee76f7524fb041d8541847eb9b4832f14
 2020-05-29 23:49:24 +00:00
Ray Essick
ebc1030f65 point to new repo hooks for mainline uploads 
Bug: 157501573
Test: upload
Change-Id: I0e4764db6516d17a81dc5a31bf9d9427b2c570d6
 2020-05-26 16:29:58 -07:00
Treehugger Robot
f4248aadbf Merge "Fix license type s/b BY_EXCEPTION_ONLY" am: 86bd192796 am: e76ca4d9ac am: 6d5490018a am: 6313f8703e 
Change-Id: I0471f66a21267ba4059976e491d0489a74ba34a7
 2020-05-21 23:16:09 +00:00
Treehugger Robot
6313f8703e Merge "Fix license type s/b BY_EXCEPTION_ONLY" am: 86bd192796 am: e76ca4d9ac am: 6d5490018a 
Change-Id: I7b5c175a03532581aac39584dcd308eca401642a
 2020-05-21 22:55:18 +00:00
Treehugger Robot
6d5490018a Merge "Fix license type s/b BY_EXCEPTION_ONLY" am: 86bd192796 am: e76ca4d9ac 
Change-Id: Ia1d49e25596031c732021bccb2a86a03f3ad874c
 2020-05-21 22:41:14 +00:00