generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

wavpack: Fix 32-bit clipping

Browse Source 
In the case that (frame_flags & 0x03) == 3, hybrid_maxclip
may have had a signed integer overflow.

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
This commit is contained in:
Derek Buitenhuis 2011-12-16 13:31:29 -05:00 committed by Anton Khirnov
parent 365e1ec26d
commit bb9747c8ee
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/wavpack.c
View File

@ -408,7 +408,7 @@ static inline int wv_get_value_integer(WavpackFrameContext *s, uint32_t *crc, in
bit = (((S + bit) << s->shift) - bit) << s->post_shift; bit = (((S + bit) << s->shift) - bit) << s->post_shift;
if(s->hybrid) if(s->hybrid)
bit = av_clip(bit, -s->hybrid_maxclip, s->hybrid_maxclip - 1); bit = av_clip(bit, -s->hybrid_maxclip - 1, s->hybrid_maxclip);
return bit; return bit;
} }
@ -798,7 +798,7 @@ static int wavpack_decode_block(AVCodecContext *avctx, int block_no,
s->joint = s->frame_flags & WV_JOINT_STEREO; s->joint = s->frame_flags & WV_JOINT_STEREO;
s->hybrid = s->frame_flags & WV_HYBRID_MODE; s->hybrid = s->frame_flags & WV_HYBRID_MODE;
s->hybrid_bitrate = s->frame_flags & WV_HYBRID_BITRATE; s->hybrid_bitrate = s->frame_flags & WV_HYBRID_BITRATE;
s->hybrid_maxclip = 1 << ((((s->frame_flags & 0x03) + 1) << 3) - 1); s->hybrid_maxclip = (1LL << ((((s->frame_flags & 0x03) + 1) << 3) - 1)) - 1;
s->post_shift = 8 * (bpp-1-(s->frame_flags&0x03)) + ((s->frame_flags >> 13) & 0x1f); s->post_shift = 8 * (bpp-1-(s->frame_flags&0x03)) + ((s->frame_flags >> 13) & 0x1f);
s->CRC = AV_RL32(buf); buf += 4; s->CRC = AV_RL32(buf); buf += 4;
if(wc->mkv_mode) if(wc->mkv_mode)