mirror of https://github.com/mstorsjo/fdk-aac.git
51f38b3a6d
In GetInvInt(int) function, malicious content can access memory outside of the invCount array. Always bound access to valid indices. Test: see bug for malicious content, decoded with "stagefright -s -a" Bug: 65025048 Change-Id: I92d4a14519f45d5a329d7f69f21f2aef0a8c6daa |
||
---|---|---|
.. | ||
include | ||
src |