falkTX
/
FFmpeg
mirror of https://github.com/falkTX/FFmpeg.git
1
0
Fork 0
Code Issues 0 Releases 338 Wiki Activity
Browse Source

avcodec/aacsbr_fixed: Fix multiple runtime error: shift exponent 150 is too large for 32-bit type 'int' 

Fixes: 1681/clusterfuzz-testcase-minimized-5970545365483520

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
tags/n3.4
Michael Niedermayer 8 years ago
parent
2ccd2c9003
commit
3fb104f447
1 changed files with 8 additions and 0 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +8
    -0
      libavcodec/aacsbr_fixed.c

+ 8
- 0
libavcodec/aacsbr_fixed.c View File

@@ -288,6 +288,8 @@ static void sbr_hf_inverse_filter(SBRDSPContext *dsp,
shift = a00.exp; shift = a00.exp;
if (shift >= 3) if (shift >= 3)
alpha0[k][0] = 0x7fffffff; alpha0[k][0] = 0x7fffffff;
else if (shift <= -30)
alpha0[k][0] = 0;
else { else {
a00.mant *= 2; a00.mant *= 2;
shift = 2-shift; shift = 2-shift;
@@ -302,6 +304,8 @@ static void sbr_hf_inverse_filter(SBRDSPContext *dsp,
shift = a01.exp; shift = a01.exp;
if (shift >= 3) if (shift >= 3)
alpha0[k][1] = 0x7fffffff; alpha0[k][1] = 0x7fffffff;
else if (shift <= -30)
alpha0[k][1] = 0;
else { else {
a01.mant *= 2; a01.mant *= 2;
shift = 2-shift; shift = 2-shift;
@@ -315,6 +319,8 @@ static void sbr_hf_inverse_filter(SBRDSPContext *dsp,
shift = a10.exp; shift = a10.exp;
if (shift >= 3) if (shift >= 3)
alpha1[k][0] = 0x7fffffff; alpha1[k][0] = 0x7fffffff;
else if (shift <= -30)
alpha1[k][0] = 0;
else { else {
a10.mant *= 2; a10.mant *= 2;
shift = 2-shift; shift = 2-shift;
@@ -329,6 +335,8 @@ static void sbr_hf_inverse_filter(SBRDSPContext *dsp,
shift = a11.exp; shift = a11.exp;
if (shift >= 3) if (shift >= 3)
alpha1[k][1] = 0x7fffffff; alpha1[k][1] = 0x7fffffff;
else if (shift <= -30)
alpha1[k][1] = 0;
else { else {
a11.mant *= 2; a11.mant *= 2;
shift = 2-shift; shift = 2-shift;


Write Preview
Loading…
Cancel
Save