Commit 11477122 authored by Tristan Matthews's avatar Tristan Matthews

speexdec_fuzzer: avoid integer overflow

Fixes ubsan error:
"runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself"

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/speex
parent 7a762519
......@@ -239,6 +239,10 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *fuzz_data, size_t fuzz_size
return 0;
}
skip_samples = frame_size*(int64_t)(a - b)/granule_frame_size;
if (skip_samples == INT_MIN) {
cleanup(st, &bits, stream_init, &os, &oy);
return 0;
}
if (ogg_page_eos(&og))
skip_samples = -skip_samples;
/*else if (!ogg_page_bos(&og))
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment