avcodec/apedec: more checks for k

Fixes assertion failure Fixes part of msan_uninit-mem_7fa0d8c8bd58_8417_sh3.ape Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

avcodec/apedec: more checks for k
Fixes assertion failure Fixes part of msan_uninit-mem_7fa0d8c8bd58_8417_sh3.ape Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
d5128fce · Michael Niedermayer · d9463340 · d5128fce
Commit d5128fce authored Dec 23, 2013 by Michael Niedermayer
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 0 deletions

apedec.c libavcodec/apedec.c +4 -0

No files found.
--- a/libavcodec/apedec.c
+++ b/libavcodec/apedec.c
@@ -603,10 +603,14 @@ static void decode_array_0000(APEContext *ctx, GetBitContext *gb,
        rice->ksum += out[i];
    }
    rice->k = av_log2(rice->ksum / 10) + 1;
+    if (rice->k >= 24)
+        return;
    for (; i < 64; i++) {
        out[i] = get_rice_ook(&ctx->gb, rice->k);
        rice->ksum += out[i];
        rice->k = av_log2(rice->ksum / ((i + 1) * 2)) + 1;
+        if (rice->k >= 24)
+            return;
    }
    ksummax = 1 << rice->k + 7;
    ksummin = rice->k ? (1 << rice->k + 6) : 0;