Skip to content

Commit 4bc05fc

Browse files
committed
fixes for 4 fuzz failures posted to SourceForge mailing list
1 parent df0488c commit 4bc05fc

File tree

2 files changed

+9
-1
lines changed

2 files changed

+9
-1
lines changed

Diff for: src/open_utils.c

+5-1
Original file line numberDiff line numberDiff line change
@@ -560,7 +560,7 @@ static int read_new_config_info (WavpackContext *wpc, WavpackMetadata *wpmd)
560560

561561
// if there's any data, the first two bytes are file_format and qmode flags
562562

563-
if (bytecnt) {
563+
if (bytecnt >= 2) {
564564
wpc->file_format = *byteptr++;
565565
wpc->config.qmode = (wpc->config.qmode & ~0xff) | *byteptr++;
566566
bytecnt -= 2;
@@ -593,6 +593,10 @@ static int read_new_config_info (WavpackContext *wpc, WavpackMetadata *wpmd)
593593
for (i = 0; i < nchans; ++i)
594594
if (bytecnt) {
595595
wpc->channel_reordering [i] = *byteptr++;
596+
597+
if (wpc->channel_reordering [i] >= nchans) // make sure index is in range
598+
wpc->channel_reordering [i] = 0;
599+
596600
bytecnt--;
597601
}
598602
else

Diff for: src/read_words.c

+4
Original file line numberDiff line numberDiff line change
@@ -288,6 +288,10 @@ int32_t FASTCALL get_word (WavpackStream *wps, int chan, int32_t *correction)
288288

289289
low &= 0x7fffffff;
290290
high &= 0x7fffffff;
291+
292+
if (low > high) // make sure high and low make sense
293+
high = low;
294+
291295
mid = (high + low + 1) >> 1;
292296

293297
if (!c->error_limit)

0 commit comments

Comments
 (0)