Mark fixed subframes with bps > 24 as unparsable

Like 1fd178e, decoding fixed subframes with bps > 24 results in integer overflow Signed-off-by: Ralph Giles <giles@thaumas.net>
author: Martijn van Beurden <mvanb1@gmail.com> 2021-12-22 15:37:02 +0100
committer: Ralph Giles <giles@thaumas.net> 2022-02-08 20:49:12 -0800
commit: d4a72210467a526bab82fa0959ee8b2180acaebf (patch)
tree: e13fb92c18706aff41b8ccbecc2bf11f1e3d2e41
parent: aa126b8f2f46e581cc4689542b8a14e1663dbfaf (diff)
download: flac-d4a72210467a526bab82fa0959ee8b2180acaebf.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
index db430b85..143229bb 100644
--- a/src/libFLAC/stream_decoder.c
+++ b/src/libFLAC/stream_decoder.c
@@ -2528,6 +2528,12 @@ FLAC__bool read_subframe_(FLAC__StreamDecoder *decoder, uint32_t channel, uint32
 		return true;
 	}
 	else if(x <= 24) {
+		if(decoder->private_->frame.header.bits_per_sample > 24){
+			/* Decoder isn't equipped for fixed subframes with more than 24 bps */
+			send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_UNPARSEABLE_STREAM);
+			decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
+			return true;
+		}
 		if(!read_subframe_fixed_(decoder, channel, bps, (x>>1)&7, do_full_decode))
 			return false;
 		if(decoder->protected_->state == FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC) /* means bad sync or got corruption */
author	Martijn van Beurden <mvanb1@gmail.com>	2021-12-22 15:37:02 +0100
committer	Ralph Giles <giles@thaumas.net>	2022-02-08 20:49:12 -0800
commit	d4a72210467a526bab82fa0959ee8b2180acaebf (patch)
tree	e13fb92c18706aff41b8ccbecc2bf11f1e3d2e41
parent	aa126b8f2f46e581cc4689542b8a14e1663dbfaf (diff)
download	flac-d4a72210467a526bab82fa0959ee8b2180acaebf.tar.gz