shithub: mp3dec

Download patch

ref: 0da45b1cc712fe1b10a0ebd76d9dcd1391f040f8
parent: 910808792f8c419c6cf9b3ba282522c8b72cd5fd
author: lieff <[email protected]>
date: Sun Feb 11 11:57:37 EST 2018

better hdr_valid() check, fixes out-of-bounds table access found by afl

--- a/minimp3.h
+++ b/minimp3.h
@@ -266,6 +266,7 @@
 {
     return h[0] == 0xff &&
         ((h[1] & 0xF0) == 0xf0 || (h[1] & 0xFE) == 0xe2) &&
+        (HDR_GET_LAYER(h) != 0) &&
         (HDR_GET_BITRATE(h) != 15) &&
         (HDR_GET_SAMPLE_RATE(h) != 3);
 }