authorMartijn van Beurden <mvanb1@gmail.com>2022-05-20 14:55:43 +0200
committerMartijn van Beurden <mvanb1@gmail.com>2022-05-20 19:38:56 +0200
commit69cf76c58e797d093cea73b1f8ad1ff55ec2786d (patch)
tree309dbafa7baf8abf79712e598071d95eaa355539 /src
parent43b6b64cad5e38de2101296f4154b69f693664ae (diff)
downloadflac-69cf76c58e797d093cea73b1f8ad1ff55ec2786d.tar.gz
Fix use of undefined value
The mechanism to improve metadata reading added in 0077d3b overrides a FLAC__STREAM_DECODER_ABORTED state with FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC, causing the decoder to overread a buffer into an uninitialized part. A check is added that ensures the state is only set to "search for frame sync" when the decoder is still in a valid (READ_METADATA) state. Credit: Oss-Fuzz Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47525
Diffstat (limited to 'src')
-rw-r--r--src/libFLAC/stream_decoder.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
index afc3923a..f085e3be 100644
--- a/src/libFLAC/stream_decoder.c
+++ b/src/libFLAC/stream_decoder.c
@@ -1525,7 +1525,8 @@ FLAC__bool read_metadata_(FLAC__StreamDecoder *decoder)
* We cannot know whether the length or the content was
* corrupt, so stop parsing metadata */
send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_BAD_METADATA);
- decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
+ if(decoder->protected_->state == FLAC__STREAM_DECODER_READ_METADATA)
+ decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
ok = false;
}
FLAC__bitreader_remove_limit(decoder->private_->input);
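Review bot: The new guard on the `state == FLAC__STREAM_DECODER_READ_METADATA` line has no comment, and nothing in the code explains why the state could already differ from READ_METADATA inside read_metadata_, so the next maintainer is likely to "simplify" it back to the unconditional assignment the commit just removed. Based on the commit message, the earlier read presumably left the decoder in FLAC__STREAM_DECODER_ABORTED (or another terminal state) and overwriting that let the bitreader be read past what was actually filled; that reasoning belongs next to the check. Suggested comment above the `if`: `/* A read/error path may already have put the decoder in a terminal state (e.g. ABORTED); never replace that with SEARCH_FOR_FRAME_SYNC, or decoding continues over an unfilled buffer. */`. It is also worth confirming that the same "corrupt metadata -> search for frame sync" transition is not applied unconditionally at other exits of this function, which are outside the hunk; the enclosing read_metadata_ body starts and ends outside this hunk.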