admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use of unititialized value in AECM.

Browse Source 
The AecMobile struct contains a ::farendOld field. It's type is 'short [2][80]'.
The field was initialized by

  memset(&aecm->farendOld[0][0], 0, 160);

But sizeof(short) is not guaranteed to be 1. This causes use of
unititialized memory on some platforms. According to MSAN, it can
affect the output of the echo canceller.

The issue was found by the MSAN  fuzzer.

This change initializes the array properly.

Bug: chromium:805396
Change-Id: Ibcaca2185cfa153e8fd826e9addfc04d7b65e417
Reviewed-on: https://webrtc-review.googlesource.com/43860
Reviewed-by: Sam Zackrisson <saza@webrtc.org>
Commit-Queue: Alex Loiko <aleloi@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#21764}
This commit is contained in:
Alex Loiko 2018-01-25 14:27:04 +01:00 committed by Commit Bot
parent c9e4522656
commit bc5c69f8e7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/audio_processing/aecm/echo_control_mobile.cc
View File

@ -180,7 +180,7 @@ int32_t WebRtcAecm_Init(void *aecmInst, int32_t sampFreq)
aecm->knownDelay = 0;
aecm->lastDelayDiff = 0;
memset(&aecm->farendOld[0][0], 0, 160);
memset(&aecm->farendOld, 0, sizeof(aecm->farendOld));
// Default settings.
aecConfig.cngMode = AecmTrue;