for latm stream other_data_length is read from the bit stream.
For this stream this value is becoming very high, which is beyond
bit buffer boundaries.
As a fix if the value is more than bit buffer size we are returning
fatal error.
Bug:124210105
Test: poc
Change-Id: Id93e5dbdbbd4aab428401da0ea72422d192bcdec
Array common_gain_element_present was accessed with an index of 10,
so a check has been added as fix and error return code handling has
been modified.
Bug:124022181
Test: poc
Change-Id: Ic9be00f6a9cec2df433e7a5f86616da5e98c9e05
Multiplication by two is replaced by left shift by one and
saturate to avoid integer overflow.
Bug:124023736
Test: vendor+poc
Change-Id: I2b1ffead5f1c72106550d0b81d0cbd6c71acfde6
Better feedback from a bit reading routine, allowing separate offset
adjustments into buffer.
Bug:117610057
Test: vendor+poc
Change-Id: I3031cc50a727987512e2b8979fe14cbe23778245
Bug: http://b/116873221
Mark ixheaacd_init_sbr_tables and ixheaacd_filt_buf_update as static, so
clang emits an out-of-line definition for it. This fixes the coverage
build, that builds with O0, where the functions don't get inlined.
As an unrelated cleanup, remove an extra declaration of
ixheaacd_filt_buf_update.
Test: Build with coverage
Change-Id: Ia92f1d73c404193116fa3f269948027c771a43bf
This fixes un intialized data access in loudness equalizer selection
Memory allocation and distribution inside DRC module was cleaned up.
Memory clean-up changes were done inside the library and in test bench.
Similar changes were done in OMX and C2 plug-in as well.
Bug: 115509210
Test: vendor+poc
Change-Id: I6a2bf5fe6eeecc5d0fec395af020aef8221a5f93
Negation overflow occurs in ixheaacd_cal_fac_data.
As fix, added saturation check in absolute value
calculation.
Bug:120250030
Test: vendor
Change-Id: Ie310d9d21fc12fc76135fa7b411572d3673fe871
Saturation checks has been added after 32 bit
additions and multiplication to avoid integer
overflows in this CL.
Bug:120252825
Test: poc
Change-Id: Ifec303f477de51c218f8cfeb8a4a8ac3e570fcd5
In this erroneous case, initial few frames don't have sbr
and later sbr is present, causing invalid memory access.
As a fix, removed the condition over sbr initialization,
allowing it to initialize sbr independent of sbr being
present or not.
Bug:118685461
Bug:120124033
Test: poc
Change-Id: I54810fb8cb20ebeeff6341efbe32f99860aa0a5c
Added bound checks and handled the respective returned
error across source and header files.
Bug:120452956
Test: vendor, poc
Change-Id: I5a9ebf68e7a5d2f41a0112aff113f0b1b8eeba7c
Instead of saving the cnt_bits and later doing the math
(which was causing integer overflow) to restore bit-buffer
values, we are saving the bit-buffer structure at the start
and then restoring it at the end of the function.
Bug:116843194
Test: vendor
Change-Id: I956e36e1b5d7823171d5d04a9058205b69c65be7