0008-flac.git-8147ee7e.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
From: Erik de Castro Lopo <erikd@mega-nerd.com>
Date: Sun, 25 Aug 2019 07:50:36 +0000 (+1000)
Subject: libFLAC/bitreader.c: Fix shift invoking undefined behaviour
X-Git-Url: http://git.xiph.org/?p=flac.git;a=commitdiff_plain;h=8147ee7ea214195bddab403840c95d4c748bfedc
libFLAC/bitreader.c: Fix shift invoking undefined behaviour
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16464
Testcase: fuzzer_decoder-5663276452544512
---
diff --git a/src/libFLAC/bitreader.c b/src/libFLAC/bitreader.c
index 62e11991..5e4b5918 100644
--- a/src/libFLAC/bitreader.c
+++ b/src/libFLAC/bitreader.c
@@ -119,8 +119,10 @@ static inline void crc16_update_word_(FLAC__BitReader *br, brword word)
{
register uint32_t crc = br->read_crc16;
- for( ; br->crc16_align < FLAC__BITS_PER_WORD; br->crc16_align += 8)
- crc = FLAC__CRC16_UPDATE((uint32_t)((word >> (FLAC__BITS_PER_WORD-8-br->crc16_align)) & 0xff), crc);
+ for ( ; br->crc16_align < FLAC__BITS_PER_WORD ; br->crc16_align += 8) {
+ uint32_t shift = FLAC__BITS_PER_WORD - 8 - br->crc16_align ;
+ crc = FLAC__CRC16_UPDATE ((uint32_t) (shift < FLAC__BITS_PER_WORD ? (word >> shift) & 0xff : 0), crc);
+ }
br->read_crc16 = crc;
br->crc16_align = 0;