diff options
author | Ashwin Natesan <ashwin.natesan@ittiam.com> | 2023-03-09 15:59:37 +0530 |
---|---|---|
committer | Harish Mahendrakar <harish.mahendrakar@ittiam.com> | 2023-03-09 06:51:21 -0800 |
commit | ab835f3240d52843b4480fa77352b15c3668ed5a (patch) | |
tree | 143e768d9f5bf251e88ad1e0f5d12ae1779df243 | |
parent | a3766576c3858ead328a2c177482412722bd50ae (diff) | |
download | libavc-ab835f3240d52843b4480fa77352b15c3668ed5a.tar.gz |
svcenc: fixed incorrect EPB checks
If 'u4_strm_buf_offset < 4' when 'isvce_cabac_flush' is called,
then EPB could not have been inserted into the stream buffer.
BUG = ossfuzz:56816
Test: svc_enc_fuzzer
-rw-r--r-- | encoder/svc/isvce_cabac.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/encoder/svc/isvce_cabac.c b/encoder/svc/isvce_cabac.c index 3d3194d..95f5111 100644 --- a/encoder/svc/isvce_cabac.c +++ b/encoder/svc/isvce_cabac.c @@ -263,7 +263,7 @@ void isvce_cabac_flush(isvce_cabac_ctxt_t *ps_cabac_ctxt) is not correct as per standard */ /* so check for previous four bytes and if it is equal to 0x00000303 then subtract u4_strm_buf_offset by 1 */ - if(pu1_strm_buf[u4_strm_buf_offset - 1] == 0x03 && + if((u4_strm_buf_offset >= 4) && pu1_strm_buf[u4_strm_buf_offset - 1] == 0x03 && pu1_strm_buf[u4_strm_buf_offset - 2] == 0x03 && pu1_strm_buf[u4_strm_buf_offset - 3] == 0x00 && pu1_strm_buf[u4_strm_buf_offset - 4] == 0x00) |