Revision 445a9dee

View differences:

libavcodec/wmadec.c
355 355

  
356 356
    while (q < q_end) {
357 357
        code = get_vlc2(&s->gb, s->exp_vlc.table, EXPVLCBITS, EXPMAX);
358
        if (code < 0)
358
        if (code < 0){
359
            av_log(s->avctx, AV_LOG_ERROR, "Exponent vlc invalid\n");
359 360
            return -1;
361
        }
360 362
        /* NOTE: this offset is the same as MPEG4 AAC ! */
361 363
        last_exp += code - 60;
362 364
        if ((unsigned)last_exp + 60 > FF_ARRAY_ELEMS(pow_tab)) {
......
457 459
        if (s->reset_block_lengths) {
458 460
            s->reset_block_lengths = 0;
459 461
            v = get_bits(&s->gb, n);
460
            if (v >= s->nb_block_sizes)
462
            if (v >= s->nb_block_sizes){
463
                av_log(s->avctx, AV_LOG_ERROR, "prev_block_len_bits %d out of range\n", s->frame_len_bits - v);
461 464
                return -1;
465
            }
462 466
            s->prev_block_len_bits = s->frame_len_bits - v;
463 467
            v = get_bits(&s->gb, n);
464
            if (v >= s->nb_block_sizes)
468
            if (v >= s->nb_block_sizes){
469
                av_log(s->avctx, AV_LOG_ERROR, "block_len_bits %d out of range\n", s->frame_len_bits - v);
465 470
                return -1;
471
            }
466 472
            s->block_len_bits = s->frame_len_bits - v;
467 473
        } else {
468 474
            /* update block lengths */
......
470 476
            s->block_len_bits = s->next_block_len_bits;
471 477
        }
472 478
        v = get_bits(&s->gb, n);
473
        if (v >= s->nb_block_sizes)
479
        if (v >= s->nb_block_sizes){
480
            av_log(s->avctx, AV_LOG_ERROR, "next_block_len_bits %d out of range\n", s->frame_len_bits - v);
474 481
            return -1;
482
        }
475 483
        s->next_block_len_bits = s->frame_len_bits - v;
476 484
    } else {
477 485
        /* fixed block len */
......
482 490

  
483 491
    /* now check if the block length is coherent with the frame length */
484 492
    s->block_len = 1 << s->block_len_bits;
485
    if ((s->block_pos + s->block_len) > s->frame_len)
493
    if ((s->block_pos + s->block_len) > s->frame_len){
494
        av_log(s->avctx, AV_LOG_ERROR, "frame_len overflow\n");
486 495
        return -1;
496
    }
487 497

  
488 498
    if (s->nb_channels == 2) {
489 499
        s->ms_stereo = get_bits1(&s->gb);
......
547 557
                            val = get_bits(&s->gb, 7) - 19;
548 558
                        } else {
549 559
                            code = get_vlc2(&s->gb, s->hgain_vlc.table, HGAINVLCBITS, HGAINMAX);
550
                            if (code < 0)
560
                            if (code < 0){
561
                                av_log(s->avctx, AV_LOG_ERROR, "hgain vlc invalid\n");
551 562
                                return -1;
563
                            }
552 564
                            val += code - 18;
553 565
                        }
554 566
                        s->high_band_values[ch][i] = val;
......
882 894
        pos >>= 3;
883 895
        len = buf_size - pos;
884 896
        if (len > MAX_CODED_SUPERFRAME_SIZE || len < 0) {
897
            av_log(s->avctx, AV_LOG_ERROR, "len %d invalid\n", len);
885 898
            goto fail;
886 899
        }
887 900
        s->last_superframe_len = len;

Also available in: Unified diff