Skip to content

F
ffmpeg.wasm-core
Commit c5f265bb authored by Michael Niedermayer's avatar Michael Niedermayer
Browse files
Options

avcodec/atrac9dec: Check conditions before apply_band_extension() to avoid out... 

avcodec/atrac9dec: Check conditions before apply_band_extension() to avoid out of array read in initialization of unused variables

Fixes: global-buffer-overflow
Fixes: 15247/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5671602181636096

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: 's avatarMichael Niedermayer <michael@niedermayer.cc>
parent ed4c6ce7
Show whitespace changes
Inline Side-by-side
Showing with 3 additions and 4 deletions
libavcodec/atrac9dec.c
View file @ c5f265bb
...@@ -539,9 +539,6 @@ static inline void apply_band_extension(ATRAC9Context *s, ATRAC9BlockData *b, ...@@ -539,9 +539,6 @@ static inline void apply_band_extension(ATRAC9Context *s, ATRAC9BlockData *b,
at9_q_unit_to_coeff_idx[g_units[3]], at9_q_unit_to_coeff_idx[g_units[3]],
}; };
if (!b->has_band_ext || !b->has_band_ext_data)
return;
for (int ch = 0; ch <= stereo; ch++) { for (int ch = 0; ch <= stereo; ch++) {
ATRAC9ChannelData *c = &b->channel[ch]; ATRAC9ChannelData *c = &b->channel[ch];
...@@ -751,6 +748,8 @@ static int atrac9_decode_block(ATRAC9Context *s, GetBitContext *gb, ...@@ -751,6 +748,8 @@ static int atrac9_decode_block(ATRAC9Context *s, GetBitContext *gb,
apply_intensity_stereo(s, b, stereo); apply_intensity_stereo(s, b, stereo);
apply_scalefactors (s, b, stereo); apply_scalefactors (s, b, stereo);
if (b->has_band_ext && b->has_band_ext_data)
apply_band_extension (s, b, stereo); apply_band_extension (s, b, stereo);
imdct: imdct:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment