From 5da0498a3e23339aaceba659a97e935031d5693d Mon Sep 17 00:00:00 2001
From: Jean-Marc Valin <jmvalin@jmvalin.ca>
Date: Sat, 30 Jul 2016 11:38:28 -0400
Subject: [PATCH] Fixes overflow in CNG

(found through fuzzing)
---
 silk/CNG.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/silk/CNG.c b/silk/CNG.c
index 8443ad63b..701b36a38 100644
--- a/silk/CNG.c
+++ b/silk/CNG.c
@@ -170,7 +170,7 @@ void silk_CNG(
             }
 
             /* Update states */
-            CNG_sig_Q14[ MAX_LPC_ORDER + i ] = silk_ADD_LSHIFT( CNG_sig_Q14[ MAX_LPC_ORDER + i ], LPC_pred_Q10, 4 );
+            CNG_sig_Q14[ MAX_LPC_ORDER + i ] = silk_ADD_SAT32( CNG_sig_Q14[ MAX_LPC_ORDER + i ], silk_LSHIFT_SAT32( LPC_pred_Q10, 4 ) );
             
             /* Scale with Gain and add to input signal */
             frame[ i ] = (opus_int16)silk_ADD_SAT16( frame[ i ], silk_SAT16( silk_RSHIFT_ROUND( silk_SMULWW( CNG_sig_Q14[ MAX_LPC_ORDER + i ], gain_Q10 ), 8 ) ) );
-- 
GitLab