libFLAC/bitreader.c: Fix shift invoking undefined behaviour
authorErik de Castro Lopo <erikd@mega-nerd.com>
Sun, 10 Nov 2019 19:42:11 +0000 (06:42 +1100)
committerErik de Castro Lopo <erikd@mega-nerd.com>
Mon, 11 Nov 2019 00:42:34 +0000 (11:42 +1100)
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18589
Testcase: fuzzer_decoder-5668806471188480

src/libFLAC/bitreader.c

index 3df4d02..d2c058d 100644 (file)
@@ -462,7 +462,7 @@ FLAC__bool FLAC__bitreader_read_raw_int32(FLAC__BitReader *br, FLAC__int32 *val,
                return false;
        /* sign-extend *val assuming it is currently bits wide. */
        /* From: https://graphics.stanford.edu/~seander/bithacks.html#FixedSignExtend */
-       mask = 1u << (bits - 1);
+       mask = bits >= 33 ? 0 : 1u << (bits - 1);
        *val = (uval ^ mask) - mask;
        return true;
 }
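Review bot: The new guard on the `mask` line only covers `bits >= 33`, so `bits == 0` still evaluates `1u << (bits - 1)`, a shift by a negative count, or by a wrapped-around count if `bits` is unsigned (its declaration is cut off in the hunk header), which is the same undefined behaviour this commit fixes. Covering both ends in one expression would close that, e.g. `mask = (bits < 1 || bits > 32) ? 0 : 1u << (bits - 1);`. For out-of-range widths the function also returns `true` with a value that was not sign-extended; if `bits` can come from stream data, as the fuzzer testcase suggests, rejecting such widths before the read may be safer than continuing with a zero mask. The start of the function, including the read call and any existing range checks, is outside the hunk, so confirm there that a zero width is not already excluded.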