Commit 399912c0 authored by Sam Hocevar's avatar Sam Hocevar

* parse.c: avoid crashing with invalid frames setting a bitalloc_huffman

    component to 7.
parent e3832887
......@@ -364,7 +364,10 @@ int dca_frame (dca_state_t * state, uint8_t * buf, int * flags,
for (i = 0; i < state->prim_channels; i++)
{
state->bitalloc_huffman[i] = bitstream_get (state, 3);
/* if (state->bitalloc_huffman[i] == 7) bailout */
/* There might be a way not to trash the whole frame, but for
* now we must bail out or we will buffer overflow later. */
if (state->bitalloc_huffman[i] == 7)
return 1;
#ifdef DEBUG
fprintf (stderr, "bit allocation quantizer: %i\n",
state->bitalloc_huffman[i]);
......@@ -541,6 +544,7 @@ static int dca_subframe_header (dca_state_t * state)
k < state->vq_start_subband[j] &&
state->bitalloc[j][k] > 0)
{
/* tmode cannot overflow since transient_huffman[j] < 4 */
state->transition_mode[j][k] = InverseQ (state,
tmode[state->transient_huffman[j]]);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment