zqz/platform-external-webrtc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

iSAC decoder: Don't read past the end of the buffer of encoded bytes

Browse Source 
Bug: chromium:825524
Change-Id: Iff40a9fd62a34474af71b51dd3831a16412fbf3b
Reviewed-on: https://webrtc-review.googlesource.com/66361
Reviewed-by: Henrik Lundin <henrik.lundin@webrtc.org>
Commit-Queue: Karl Wiberg <kwiberg@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#22748}
This commit is contained in:
Karl Wiberg
2018-04-05 11:36:57 +02:00
committed by Commit Bot
parent 844876d050
commit 338f58d95c
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/audio_coding/codecs/isac/main/source/isac.c
View File

@ -1266,7 +1266,9 @@ static int Decode(ISACStruct* ISAC_main_inst,
/* It might be less due to garbage. */ /* It might be less due to garbage. */
if ((numDecodedBytesUB != lenNextStream) && if ((numDecodedBytesUB != lenNextStream) &&
(numDecodedBytesUB != (lenNextStream - (numDecodedBytesLB + 1 + numDecodedBytesUB >= lenEncodedBytes ||
numDecodedBytesUB !=
(lenNextStream -
encoded[numDecodedBytesLB + 1 + numDecodedBytesUB]))) { encoded[numDecodedBytesLB + 1 + numDecodedBytesUB]))) {
instISAC->errorCode = ISAC_LENGTH_MISMATCH; instISAC->errorCode = ISAC_LENGTH_MISMATCH;
return -1; return -1;