From b06cb15b9d7928bf54b639c9f9f7658c2c38bfb9 Mon Sep 17 00:00:00 2001 From: Andreas Cadhalpun Date: Wed, 13 Jan 2016 00:56:39 +0100 Subject: [PATCH] dca: fix misaligned access in ff_dca_convert_bitstream The function is used on unaligned buffers (such as those provided by AVPacket), accessing them as uint16_t causes SIGBUS crashes on architectures like SPARC. This fixes ubsan runtime error: load of misaligned address for type 'const uint16_t', which requires 2 byte alignment Signed-off-by: Andreas Cadhalpun Signed-off-by: Luca Barbato --- libavcodec/dca.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/libavcodec/dca.c b/libavcodec/dca.c index ebe9fdb47c..c5daf077a9 100644 --- a/libavcodec/dca.c +++ b/libavcodec/dca.c @@ -37,8 +37,6 @@ int ff_dca_convert_bitstream(const uint8_t *src, int src_size, uint8_t *dst, { uint32_t mrk; int i, tmp; - const uint16_t *ssrc = (const uint16_t *) src; - uint16_t *sdst = (uint16_t *) dst; PutBitContext pb; if ((unsigned) src_size > (unsigned) max_size) @@ -50,8 +48,11 @@ int ff_dca_convert_bitstream(const uint8_t *src, int src_size, uint8_t *dst, memcpy(dst, src, src_size); return src_size; case DCA_SYNCWORD_CORE_LE: - for (i = 0; i < (src_size + 1) >> 1; i++) - *sdst++ = av_bswap16(*ssrc++); + for (i = 0; i < (src_size + 1) >> 1; i++) { + AV_WB16(dst, AV_RL16(src)); + src += 2; + dst += 2; + } return src_size; case DCA_SYNCWORD_CORE_14B_BE: case DCA_SYNCWORD_CORE_14B_LE: