From aa126b8f2f46e581cc4689542b8a14e1663dbfaf Mon Sep 17 00:00:00 2001
From: Martijn van Beurden
Date: Wed, 22 Dec 2021 15:15:16 +0100
Subject: Mark 32 bps stream with stereo decorrelation as unparsable

Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19234
Signed-off-by: Ralph Giles
---
 src/libFLAC/stream_decoder.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
index eb183186..db430b85 100644
--- a/src/libFLAC/stream_decoder.c
+++ b/src/libFLAC/stream_decoder.c
@@ -2359,6 +2359,11 @@ FLAC__bool read_frame_header_(FLAC__StreamDecoder *decoder)
 break;
 }
 
+ if(decoder->private_->frame.header.bits_per_sample == 32 && decoder->private_->frame.header.channel_assignment != FLAC__CHANNEL_ASSIGNMENT_INDEPENDENT){
+ /* Decoder isn't equipped for 33-bit side frame */
+ is_unparseable = true;
+ }
+
 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 /* check to make sure that reserved bit is 0 */
 if(raw_header[3] & 0x01) /* MAGIC NUMBER */
-- 
cgit v1.2.1
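Review bot: The added guard leans on a magic `32` and a one-line comment that states the symptom but not the cause; the non-independent channel assignments carry a side channel one bit wider than bits_per_sample, so the comment should say why that is fatal here, e.g. `/* Stereo decorrelation (left/side, right/side, mid/side) widens the side channel to bits_per_sample + 1 bits; a 33-bit side channel cannot be represented by the decoder's sample storage, so reject the frame as unparseable instead of decoding it */`. It is also worth a comment that this check is deliberately placed outside the `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` block that follows it, since unlike the reserved-bit check below it must stay active in fuzzing builds to keep the later decorrelation step from operating on out-of-range values. The condition assumes bits_per_sample has already been resolved from STREAMINFO when the frame's sample-size code defers to it; I cannot see that from the hunk, and if it has not, a deferred value would not equal 32 and would slip past the comparison. read_frame_header_ begins and ends outside the hunk.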