Browse code
atrac3: avoid oversized shifting in decode_bytes()
When `off' is 0, `0x537F6103 << 32' in the following expression invokes
undefined behavior, the result of which is not necessarily 0.
(0x537F6103 >> (off * 8)) | (0x537F6103 << (32 - (off * 8)))
Avoid oversized shifting.
CC: libav-stable@libav.org
Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit eba1ff31304e407db3cefd7532108408f364367b)
Xi Wang authored on 2013/03/15 19:31:21Showing 1 changed files
| ... | ... |
@@ -164,7 +164,10 @@ static int decode_bytes(const uint8_t *input, uint8_t *out, int bytes) |
| 164 | 164 |
|
| 165 | 165 |
off = (intptr_t)input & 3; |
| 166 | 166 |
buf = (const uint32_t *)(input - off); |
| 167 |
- c = av_be2ne32((0x537F6103 >> (off * 8)) | (0x537F6103 << (32 - (off * 8)))); |
|
| 167 |
+ if (off) |
|
| 168 |
+ c = av_be2ne32((0x537F6103U >> (off * 8)) | (0x537F6103U << (32 - (off * 8)))); |
|
| 169 |
+ else |
|
| 170 |
+ c = av_be2ne32(0x537F6103U); |
|
| 168 | 171 |
bytes += 3 + off; |
| 169 | 172 |
for (i = 0; i < bytes / 4; i++) |
| 170 | 173 |
output[i] = c ^ buf[i]; |