wmalosslessdec: make arrays indexed by ch large enough for maximum number of channels

Fixes out of array accesses Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2024-12-23 12:43:46 +02:00 · 2013-01-10 04:50:33 +01:00 · 2013-01-10 04:50:33 +01:00 · 6471f63da2
commit 6471f63da2
parent 7cb46b5191
1 changed files with 11 additions and 11 deletions
--- a/libavcodec/wmalosslessdec.c
+++ b/libavcodec/wmalosslessdec.c
@ -123,7 +123,7 @@ typedef struct WmallDecodeCtx {
    int8_t  acfilter_order;
    int8_t  acfilter_scaling;
    int64_t acfilter_coeffs[16];
-    int     acfilter_prevvalues[2][16];
+    int     acfilter_prevvalues[WMALL_MAX_CHANNELS][16];
    int8_t  mclms_order;
    int8_t  mclms_scaling;
@ -145,29 +145,29 @@ typedef struct WmallDecodeCtx {
        int16_t lms_prevvalues[MAX_ORDER * 2];
        int16_t lms_updates[MAX_ORDER * 2];
        int recent;
-    } cdlms[2][9];
+    } cdlms[WMALL_MAX_CHANNELS][9];
-    int cdlms_ttl[2];
+    int cdlms_ttl[WMALL_MAX_CHANNELS];
    int bV3RTM;
-    int is_channel_coded[2];
+    int is_channel_coded[WMALL_MAX_CHANNELS];
-    int update_speed[2];
+    int update_speed[WMALL_MAX_CHANNELS];
-    int transient[2];
+    int transient[WMALL_MAX_CHANNELS];
-    int transient_pos[2];
+    int transient_pos[WMALL_MAX_CHANNELS];
    int seekable_tile;
-    int ave_sum[2];
+    int ave_sum[WMALL_MAX_CHANNELS];
-    int channel_residues[2][WMALL_BLOCK_MAX_SIZE];
+    int channel_residues[WMALL_MAX_CHANNELS][WMALL_BLOCK_MAX_SIZE];
-    int lpc_coefs[2][40];
+    int lpc_coefs[WMALL_MAX_CHANNELS][40];
    int lpc_order;
    int lpc_scaling;
    int lpc_intbits;
-    int channel_coeffs[2][WMALL_BLOCK_MAX_SIZE];
+    int channel_coeffs[WMALL_MAX_CHANNELS][WMALL_BLOCK_MAX_SIZE];
 } WmallDecodeCtx;