zqz/platform-external-webrtc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

WebRtcIsacfix_PitchFilter: Don't read uninitialized array entries

Browse Source 
WebRtcIsacfix_PitchFilterCore requires indW32 >= PITCH_FRACORDER - 2;
otherwise, it will read from entries of ubufQQ that haven't been
written yet. (The problem of indW32 being too small has only been seen
in fuzzer tests, not in real life.)

BUG=chromium:581901

Review URL: https://codereview.webrtc.org/1811453002

Cr-Commit-Position: refs/heads/master@{#12047}
This commit is contained in:
kwiberg
2016-03-17 22:17:14 -07:00
committed by Commit bot
parent 076c7b541c
commit 15622c0aaf
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
webrtc/modules/audio_coding/codecs/isac/fix/source/pitch_filter.c
View File

@ -109,6 +109,13 @@ void WebRtcIsacfix_PitchFilter(int16_t* indatQQ, // Q10 if type is 1 or 4,
curGainQ12 += gaindeltaQ12;
curLagQ7 += lagdeltaQ7;
indW32 = CalcLrIntQ(curLagQ7, 7);
if (indW32 < PITCH_FRACORDER - 2) {
// WebRtcIsacfix_PitchFilterCore requires indW32 >= PITCH_FRACORDER -
// 2; otherwise, it will read from entries of ubufQQ that haven't been
// written yet. (This problem has only been seen in fuzzer tests, not
// in real life.) See Chromium bug 581901.
indW32 = PITCH_FRACORDER - 2;
}
frcQQ = ((indW32 << 7) + 64 - curLagQ7) >> 4;
if (frcQQ == PITCH_FRACS) {