svcenc: fixed incorrect EPB checks

If 'u4_strm_buf_offset < 4' when 'isvce_cabac_flush' is called, then EPB could not have been inserted into the stream buffer. BUG = ossfuzz:56816 Test: svc_enc_fuzzer
author: Ashwin Natesan <ashwin.natesan@ittiam.com> 2023-03-09 15:59:37 +0530
committer: Harish Mahendrakar <harish.mahendrakar@ittiam.com> 2023-03-09 06:51:21 -0800
commit: ab835f3240d52843b4480fa77352b15c3668ed5a (patch)
tree: 143e768d9f5bf251e88ad1e0f5d12ae1779df243
parent: a3766576c3858ead328a2c177482412722bd50ae (diff)
download: libavc-ab835f3240d52843b4480fa77352b15c3668ed5a.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/encoder/svc/isvce_cabac.c b/encoder/svc/isvce_cabac.c
index 3d3194d..95f5111 100644
--- a/encoder/svc/isvce_cabac.c
+++ b/encoder/svc/isvce_cabac.c
@@ -263,7 +263,7 @@ void isvce_cabac_flush(isvce_cabac_ctxt_t *ps_cabac_ctxt)
              is not correct as per standard */
             /* so check for previous four bytes and if it is equal to 0x00000303
              then subtract u4_strm_buf_offset by 1 */
-            if(pu1_strm_buf[u4_strm_buf_offset - 1] == 0x03 &&
+            if((u4_strm_buf_offset >= 4) && pu1_strm_buf[u4_strm_buf_offset - 1] == 0x03 &&
                pu1_strm_buf[u4_strm_buf_offset - 2] == 0x03 &&
                pu1_strm_buf[u4_strm_buf_offset - 3] == 0x00 &&
                pu1_strm_buf[u4_strm_buf_offset - 4] == 0x00)
author	Ashwin Natesan <ashwin.natesan@ittiam.com>	2023-03-09 15:59:37 +0530
committer	Harish Mahendrakar <harish.mahendrakar@ittiam.com>	2023-03-09 06:51:21 -0800
commit	ab835f3240d52843b4480fa77352b15c3668ed5a (patch)
tree	143e768d9f5bf251e88ad1e0f5d12ae1779df243
parent	a3766576c3858ead328a2c177482412722bd50ae (diff)
download	libavc-ab835f3240d52843b4480fa77352b15c3668ed5a.tar.gz