mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-08-04 22:03:09 +02:00

aacdec_ac: fix signed overflow in ff_aac_ac_update_context()

The issue is that state->cur[] is 8-bits, but a+b+1 can overflow
before being clipped to 0xF in the following line, causing an incorrect
state to be saved for the next symbol.

This solves numerous bitstream desyncs, particularly when coefficients
with magnitude greater than 127 are sent.
Lynne
2025-05-23 06:42:38 +09:00
parent 8c509ba491
commit 56b85b689d
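
The truncation described in the commit message, as an added example that is not FFmpeg code: it compares clipping after the 8-bit store with clipping before it, and finds the smallest a + b at which the two disagree. The unsigned `uint8_t` slot type and all names below are assumptions; the page only says that state->cur[] is 8 bits.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: the 8-bit context slot is unsigned; the page only says "8-bits". */
typedef uint8_t ctx_t;

#define CTX_MAX 0xF
#define CLIP_MIN(x, y) ((x) < (y) ? (x) : (y))

/* Store first, clip afterwards: the int sum is narrowed to 8 bits
 * before the comparison, so the comparison sees only the low byte. */
static ctx_t ctx_store_then_clip(uint16_t a, uint16_t b)
{
    ctx_t c = a + b + 1;
    if (c > CTX_MAX)
        c = CTX_MAX;
    return c;
}

/* Clip first, store afterwards: the comparison sees the full int value. */
static ctx_t ctx_clip_then_store(uint16_t a, uint16_t b)
{
    return CLIP_MIN(a + b + 1, CTX_MAX);
}

/* Smallest a + b in [0, limit] where the two orderings disagree, or -1. */
static int first_divergent_sum(int limit)
{
    for (int s = 0; s <= limit; s++)
        if (ctx_store_then_clip((uint16_t)s, 0) != ctx_clip_then_store((uint16_t)s, 0))
            return s;
    return -1;
}

/* Number of sums in [0, limit] that leave a wrong context behind. */
static int count_divergent(int limit)
{
    int n = 0;
    for (int s = 0; s <= limit; s++)
        n += ctx_store_then_clip((uint16_t)s, 0) != ctx_clip_then_store((uint16_t)s, 0);
    return n;
}

int main(void)
{
    printf("a=128 b=128: store-then-clip=%u clip-then-store=%u\n",
           ctx_store_then_clip(128, 128), ctx_clip_then_store(128, 128));
    printf("first divergent a+b: %d\n", first_divergent_sum(65535));
    printf("divergent sums up to 1023: %d\n", count_divergent(1023));
    return 0;
}
```

Only sums whose low byte falls below 0xF after wrapping produce a wrong context; the others are clipped to 0xF by chance, which is why the old code fails on some large coefficients and not others.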


@ -91,10 +91,7 @@ uint32_t ff_aac_ac_get_pk(uint32_t c)
void ff_aac_ac_update_context(AACArithState *state, int idx,
uint16_t a, uint16_t b)
{
state->cur[0] = a + b + 1;
if (state->cur[0] > 0xF)
state->cur[0] = 0xF;
state->cur[0] = FFMIN(a + b + 1, 0xF);
state->cur[3] = state->cur[2];
state->cur[2] = state->cur[1];
state->cur[1] = state->cur[0];
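
Review bot: The replacement line `state->cur[0] = FFMIN(a + b + 1, 0xF);` needs a short comment saying that the clamp must run on the promoted int sum before the store into the 8-bit cur[0]; without it, a later cleanup could easily go back to the assign-then-compare form that the three removed lines used. The subject line also calls this a signed overflow, while the body describes the sum being narrowed on assignment before the clip, so aligning the subject with the body would make the log easier to search. Since the message ties the desyncs to coefficients with magnitude greater than 127, a regression sample covering that case would be worth adding alongside this change.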