[FFmpeg-devel] [FFmpeg-cvslog] avcodec/alsdec: Fix reading 0 mantisse bits
Thilo Borgmann
thilo.borgmann at mail.de
Fri Sep 9 10:11:47 EEST 2016
Am 08.09.16 um 23:41 schrieb James Almer:
>> ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Thu Sep 8 22:02:44 2016 +0200| [037422178d7f1d0dd09e1ce424dd61a69e77668b] | committer: Michael Niedermayer
>>
>> avcodec/alsdec: Fix reading 0 mantisse bits
>>
>> Fixes assertion failure
>> Fixes: 848c24abc1721c9e3d1ba7bfee8d9fcc/asan_heap-oob_1d99eca_3709_567bba70d67e7d62714dcf56f26fb1da.mp4
>>
>> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
>> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
>>
>>> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=037422178d7f1d0dd09e1ce424dd61a69e77668b
>> ---
>>
>> libavcodec/alsdec.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/libavcodec/alsdec.c b/libavcodec/alsdec.c
>> index 1bb71f5..8c4ff53 100644
>> --- a/libavcodec/alsdec.c
>> +++ b/libavcodec/alsdec.c
>> @@ -1527,7 +1527,7 @@ static int read_diff_float_data(ALSDecContext *ctx, unsigned int ra_frame) {
>> if (!get_bits1(gb)) { //uncompressed
>> for (i = 0; i < frame_length; ++i) {
>> if (ctx->raw_samples[c][i] != 0) {
>> - raw_mantissa[c][i] = get_bits(gb, nbits[i]);
>> + raw_mantissa[c][i] = nbits[i] ? get_bits(gb, nbits[i]) : 0;
>
> No point changing it now, but keep in mind for future reference that there's a get_bitsz()
> function. It in fact expands to this same code you wrote.
Thanks!
Will fix it soon anyway otherwise I will forget about it.
-Thilo
More information about the ffmpeg-devel
mailing list