[FFmpeg-cvslog] avcodec/aacsbr_fixed: Fix multiple runtime error: shift exponent 150 is too large for 32-bit type 'int'
Michael Niedermayer
git at videolan.org
Fri May 19 14:15:08 EEST 2017
ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Fri May 19 12:25:52 2017 +0200| [3fb104f4476ad238e2ca768e9b80dc314e6e856d] | committer: Michael Niedermayer
avcodec/aacsbr_fixed: Fix multiple runtime error: shift exponent 150 is too large for 32-bit type 'int'
Fixes: 1681/clusterfuzz-testcase-minimized-5970545365483520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3fb104f4476ad238e2ca768e9b80dc314e6e856d
---
libavcodec/aacsbr_fixed.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/libavcodec/aacsbr_fixed.c b/libavcodec/aacsbr_fixed.c
index b15a963ebf..adca573a29 100644
--- a/libavcodec/aacsbr_fixed.c
+++ b/libavcodec/aacsbr_fixed.c
@@ -288,6 +288,8 @@ static void sbr_hf_inverse_filter(SBRDSPContext *dsp,
shift = a00.exp;
if (shift >= 3)
alpha0[k][0] = 0x7fffffff;
+ else if (shift <= -30)
+ alpha0[k][0] = 0;
else {
a00.mant *= 2;
shift = 2-shift;
@@ -302,6 +304,8 @@ static void sbr_hf_inverse_filter(SBRDSPContext *dsp,
shift = a01.exp;
if (shift >= 3)
alpha0[k][1] = 0x7fffffff;
+ else if (shift <= -30)
+ alpha0[k][1] = 0;
else {
a01.mant *= 2;
shift = 2-shift;
@@ -315,6 +319,8 @@ static void sbr_hf_inverse_filter(SBRDSPContext *dsp,
shift = a10.exp;
if (shift >= 3)
alpha1[k][0] = 0x7fffffff;
+ else if (shift <= -30)
+ alpha1[k][0] = 0;
else {
a10.mant *= 2;
shift = 2-shift;
@@ -329,6 +335,8 @@ static void sbr_hf_inverse_filter(SBRDSPContext *dsp,
shift = a11.exp;
if (shift >= 3)
alpha1[k][1] = 0x7fffffff;
+ else if (shift <= -30)
+ alpha1[k][1] = 0;
else {
a11.mant *= 2;
shift = 2-shift;
More information about the ffmpeg-cvslog
mailing list