diff options
author | Erik de Castro Lopo <erikd@mega-nerd.com> | 2019-10-07 12:55:58 +1100 |
---|---|---|
committer | Erik de Castro Lopo <erikd@mega-nerd.com> | 2019-10-08 06:14:06 +1100 |
commit | 2e7931c27eb15e387da440a37f12437e35b22dd4 (patch) | |
tree | 9d7c2cae42c23129c8897e1cbdffdc36b5188a0f /src | |
parent | 6d0e222a6e03f1258129b9939d3eb47870d5502a (diff) | |
download | flac-2e7931c27eb15e387da440a37f12437e35b22dd4.tar.gz |
libFLAC/bitreader.c: Fix out-of-bounds read
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17069
Testcase: fuzzer_decoder-5670265022840832
Diffstat (limited to 'src')
-rw-r--r-- | src/libFLAC/bitreader.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libFLAC/bitreader.c b/src/libFLAC/bitreader.c index 5e4b5918..3df4d02c 100644 --- a/src/libFLAC/bitreader.c +++ b/src/libFLAC/bitreader.c @@ -869,7 +869,7 @@ incomplete_lsbs: cwords = br->consumed_words; words = br->words; ucbits = FLAC__BITS_PER_WORD - br->consumed_bits; - b = br->buffer[cwords] << br->consumed_bits; + b = cwords < br->capacity ? br->buffer[cwords] << br->consumed_bits : 0; } while(cwords >= words && val < end); } |