Ticket #789: patchaacloop.diff

File patchaacloop.diff, 844 bytes (added by cehoyos, 6 years ago)
  • libavcodec/aacdec.c

    diff --git a/libavcodec/aacdec.c b/libavcodec/aacdec.c
    index c9ca0a6..8fd7f08 100644
    a b static int decode_band_types(AACContext *ac, enum BandType band_type[120], 
    809809                av_log(ac->avctx, AV_LOG_ERROR, "invalid band type\n"); 
    810810                return -1; 
    811811            } 
    812             while ((sect_len_incr = get_bits(gb, bits)) == (1 << bits) - 1) 
     812            while ((sect_len_incr = get_bits(gb, bits)) == (1 << bits) - 1 && get_bits_left(gb) >= bits) 
    813813                sect_end += sect_len_incr; 
    814814            sect_end += sect_len_incr; 
    815             if (get_bits_left(gb) < 0) { 
     815            if (get_bits_left(gb) < 0 || sect_len_incr == (1 << bits) - 1) { 
    816816                av_log(ac->avctx, AV_LOG_ERROR, overread_err); 
    817817                return -1; 
    818818            }