[FFmpeg-devel] [PATCH 3/3] avcodec/aacdec_fixed: Handle more extreem cases in noise_scale()
Michael Niedermayer
michael at niedermayer.cc
Thu May 16 14:12:05 EEST 2019
Its unclear if these cases have any relevance in real files
Fixes: shift exponent -2 is negative
Fixes: 14489/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5681941631729664
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavcodec/aacdec_fixed.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/libavcodec/aacdec_fixed.c b/libavcodec/aacdec_fixed.c
index 0808c81005..1d0142fdb0 100644
--- a/libavcodec/aacdec_fixed.c
+++ b/libavcodec/aacdec_fixed.c
@@ -221,10 +221,15 @@ static void noise_scale(int *coefs, int scale, int band_energy, int len)
}
else {
s = s + 32;
- round = s ? 1 << (s-1) : 0;
- for (i=0; i<len; i++) {
- out = (int)((int64_t)((int64_t)coefs[i] * c + round) >> s);
- coefs[i] = -out;
+ if (s > 0) {
+ round = 1 << (s-1);
+ for (i=0; i<len; i++) {
+ out = (int)((int64_t)((int64_t)coefs[i] * c + round) >> s);
+ coefs[i] = -out;
+ }
+ } else {
+ for (i=0; i<len; i++)
+ coefs[i] = -(int64_t)coefs[i] * c * (1 << -s);
}
}
}
--
2.21.0
More information about the ffmpeg-devel
mailing list