shithub: dav1d


ref: a537c5acd9c4bd3b37c83b5783b3f3414fdf907a
parent: 4ec4605bd06d42d057ea5014c08fd09b388c2d97
author: Janne Grunau <janne-vlc@jannau.net>
date: Tue Oct 2 17:16:16 EDT 2018

get_bits: avoid infinite loops in get_vlc() at EOF

Fixes a fuzzing time out with timeout-e372a93d3be3f703bb7a49ce3d92c72d06f3b9cb.

--- a/src/getbits.c
+++ b/src/getbits.c
@@ -89,8 +89,9 @@
 
 unsigned get_vlc(GetBits *const c) {
     int n_bits = 0;
-    while (!get_bits(c, 1)) n_bits++;
-    if (n_bits >= 32) return 0xFFFFFFFFU;
+    while (!get_bits(c, 1))
+        if (++n_bits == 32)
+            return 0xFFFFFFFFU;
     return ((1 << n_bits) - 1) + get_bits(c, n_bits);
 }
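Review bot: The final `return` still computes `1 << n_bits` on a signed `int`, and the new loop lets `n_bits` reach 31 on a bitstream with 31 leading zero bits, so the shift is undefined behaviour in C and the following `- 1` would overflow as well. Making the arithmetic unsigned avoids it: `return ((1U << n_bits) - 1) + get_bits(c, n_bits);`. Whether `get_bits()` itself accepts a 31-bit read, and what it returns once the buffer is exhausted, is not visible in this hunk and is worth confirming, since this path is driven by untrusted input. As a style point, the nested `while`/`if` would read more safely with braces around both bodies.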