[Speex-dev] probably heap corruption detection

Tom Harper tharper at sightspeed.com
Mon Feb 26 12:35:28 PST 2007


So I see in:

this call is going wrong:
  ind[i] = speex_bits_unpack_unsigned(bits, params->shape_bits);

ind as a way negative number- basically this should return bet.
0-255 or somesuch right?

So seems like I need to reset speex at this point if
if (ind[i] > 256) like the note says.   So I guess my question is
is this range still valid?

also what is the most innocuous value for ind[i] - 0?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.xiph.org/pipermail/speex-dev/attachments/20070226/c023ff31/attachment.htm

More information about the Speex-dev mailing list