shithub: mp3dec

Download patch

ref: 1be357c884712b7861012e726831d7a87ab07619
parent: 76c490405cc766244eceb4176d1201f7e9115c2f
author: lieff <[email protected]>
date: Wed Feb 14 12:17:17 EST 2018

Limit float point dynamic range to avoid fp exceptions on float->int instructions.
Encoders should not produce such files, but can happen on bad files.

--- a/minimp3.h
+++ b/minimp3.h
@@ -1389,10 +1389,8 @@
 
 static short mp3d_scale_pcm(float sample)
 {
-#ifdef FUZZ
     if (sample >  32767.0) return (short) 32767;
     if (sample < -32768.0) return (short)-32768;
-#endif
     int s = (int)(sample + .5f);
     s -= (s < 0);   /* away from zero, to be compliant */
     if (s >  32767) return (short) 32767;
@@ -1486,8 +1484,11 @@
         V0(0) V2(1) V1(2) V2(3) V1(4) V2(5) V1(6) V2(7)
 
         {
+            static const f4 g_max = { 32767.0f, 32767.0f, 32767.0f, 32767.0f };
+            static const f4 g_min = { -32768.0f, -32768.0f, -32768.0f, -32768.0f };
 #if HAVE_SSE
-            __m128i pcm8 = _mm_packs_epi32(_mm_cvtps_epi32(a), _mm_cvtps_epi32(b));
+            __m128i pcm8 = _mm_packs_epi32(_mm_cvtps_epi32(_mm_max_ps(_mm_min_ps(a, g_max), g_min)),
+                                           _mm_cvtps_epi32(_mm_max_ps(_mm_min_ps(b, g_max), g_min)));
             dstr[(15 - i)*nch] = _mm_extract_epi16(pcm8, 1);
             dstr[(17 + i)*nch] = _mm_extract_epi16(pcm8, 5);
             dstl[(15 - i)*nch] = _mm_extract_epi16(pcm8, 0);
@@ -1500,6 +1501,8 @@
             int16x4_t pcma, pcmb;
             a = VADD(a, VSET(0.5f));
             b = VADD(b, VSET(0.5f));
+            a = vmaxq_f32(vminq_f32(a, g_max), g_min);
+            b = vmaxq_f32(vminq_f32(b, g_max), g_min);
             pcma = vqmovn_s32(vaddq_s32(vcvtq_s32_f32(a), vreinterpretq_s32_u32(vcltq_f32(a, VSET(0)))));
             pcmb = vqmovn_s32(vaddq_s32(vcvtq_s32_f32(b), vreinterpretq_s32_u32(vcltq_f32(b, VSET(0)))));
             vst1_lane_s16(dstr + (15 - i)*nch, pcma, 1);
--- a/scripts/build.sh
+++ b/scripts/build.sh
@@ -14,16 +14,20 @@
 set -e
 gcov minimp3_test.c
 
-gcc -O2 -g -std=c89 -Wall -Wextra -Wmissing-prototypes -Werror -fno-asynchronous-unwind-tables -fno-stack-protector \
+gcc -O2 -m32 -std=c89 -Wall -Wextra -Wmissing-prototypes -Werror -fno-asynchronous-unwind-tables -fno-stack-protector \
 -ffunction-sections -fdata-sections -Wl,--gc-sections -o minimp3 minimp3_test.c -lm
 scripts/test.sh
 
-arm-none-eabi-gcc -O2 -g -std=c89 -Wall -Wextra -Wmissing-prototypes -Werror -fno-asynchronous-unwind-tables -fno-stack-protector \
+gcc -O2 -std=c89 -Wall -Wextra -Wmissing-prototypes -Werror -fno-asynchronous-unwind-tables -fno-stack-protector \
+-ffunction-sections -fdata-sections -Wl,--gc-sections -o minimp3 minimp3_test.c -lm
+scripts/test.sh
+
+arm-none-eabi-gcc -O2 -std=c89 -Wall -Wextra -Wmissing-prototypes -Werror -fno-asynchronous-unwind-tables -fno-stack-protector \
 -mthumb -mcpu=cortex-m4 \
 -ffunction-sections -fdata-sections -Wl,--gc-sections -o minimp3_arm minimp3_test.c --specs=rdimon.specs -lm
 qemu-arm ./minimp3_arm
 
-arm-none-eabi-gcc -O2 -g -std=c89 -Wall -Wextra -Wmissing-prototypes -Werror -fno-asynchronous-unwind-tables -fno-stack-protector \
+arm-none-eabi-gcc -O2 -std=c89 -Wall -Wextra -Wmissing-prototypes -Werror -fno-asynchronous-unwind-tables -fno-stack-protector \
 -marm -mcpu=cortex-a15 -mfpu=neon -mfloat-abi=softfp \
 -ffunction-sections -fdata-sections -Wl,--gc-sections -o minimp3_arm minimp3_test.c --specs=rdimon.specs -lm
 qemu-arm ./minimp3_arm
--- a/scripts/fuzz.sh
+++ b/scripts/fuzz.sh
@@ -4,5 +4,5 @@
 
 pushd $CUR_DIR/..
 
-afl-clang-fast -fsanitize=address,undefined -fno-sanitize-recover=address,undefined -DFUZZ -o minimp3_fuzz minimp3_test.c -lm
+afl-clang-fast -fsanitize=address,undefined -fno-sanitize-recover=address,undefined -o minimp3_fuzz minimp3_test.c -lm
 afl-fuzz -d -m none -i vectors/fuzz -o fuzz_out -- ./minimp3_fuzz @@
\ No newline at end of file
--- a/scripts/fuzz_libfuzzer.sh
+++ b/scripts/fuzz_libfuzzer.sh
@@ -4,5 +4,5 @@
 
 pushd $CUR_DIR/..
 
-clang-5.0 -g -fsanitize=address,undefined -fsanitize-coverage=trace-pc-guard -DFUZZ -DLIBFUZZER -o minimp3_libfuzz minimp3_test.c -lFuzzer -lstdc++ -lm
+clang-5.0 -g -fsanitize=address,undefined -fsanitize-coverage=trace-pc-guard -DLIBFUZZER -o minimp3_libfuzz minimp3_test.c -lFuzzer -lstdc++ -lm
 ./minimp3_libfuzz -max_len=1024 vectors/fuzz
\ No newline at end of file