[Speex-dev] probably heap corruption detection

Jean-Marc Valin jean-marc.valin at usherbrooke.ca
Tue Feb 27 14:26:03 PST 2007


> split_cb_shape_sign_unquant
> this call is going wrong:
>  ind[i] = speex_bits_unpack_unsigned(bits, params->shape_bits);
> 
> ind as a way negative number- basically this should return bet.
> 0-255 or somesuch right?

I really don't see how this could be happening. Have a look at
speex_bits_unpack_unsigned(). Basically, it has to return an integer
between 0 and 2^params->shape_bits - 1. Unless you can track down the
exact error in Speex, I would tend to suspect a memory corruption in
your application that causes problems in a different place.

> So seems like I need to reset speex at this point if
> if (ind[i] > 256) like the note says.   So I guess my question is
> is this range still valid?
> 
> also what is the most innocuous value for ind[i] - 0?

See above, but I would recommend against that kind of hack.

	Jean-Marc



More information about the Speex-dev mailing list