[FFmpeg-cvslog] avcodec/adpcm: Fix adpcm_ima_wav padding

Michael Niedermayer git at videolan.org
Sun Aug 21 03:53:54 EEST 2016


ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Sun Aug 21 01:42:20 2016 +0200| [f2a9a30fd6a2914197ae42ee67703a1471fac2eb] | committer: Michael Niedermayer

avcodec/adpcm: Fix adpcm_ima_wav padding

Fixes out of array read
Fixes: f29f134ea5f5590df554a7733294a587/asan_stack-oob_309d14e_9188_ea01743d6355aff20530f3d4cdaa841a.wav

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f2a9a30fd6a2914197ae42ee67703a1471fac2eb
---

 libavcodec/adpcm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/adpcm.c b/libavcodec/adpcm.c
index 46c63a2..06ba83e 100644
--- a/libavcodec/adpcm.c
+++ b/libavcodec/adpcm.c
@@ -803,7 +803,7 @@ static int adpcm_decode_frame(AVCodecContext *avctx, void *data,
         if (avctx->bits_per_coded_sample != 4) {
             int samples_per_block = ff_adpcm_ima_block_samples[avctx->bits_per_coded_sample - 2];
             int block_size = ff_adpcm_ima_block_sizes[avctx->bits_per_coded_sample - 2];
-            uint8_t temp[20] = { 0 };
+            uint8_t temp[20 + AV_INPUT_BUFFER_PADDING_SIZE] = { 0 };
             GetBitContext g;
 
             for (n = 0; n < (nb_samples - 1) / samples_per_block; n++) {



More information about the ffmpeg-cvslog mailing list