From dcc3d7bc35eb9b1b2e9b30c87933e836dad06183 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?kleines=20Filmr=C3=B6llchen?= <filmroellchen@serenityos.org>
Date: Sun, 20 Aug 2023 14:15:23 +0200
Subject: [PATCH] LibAudio: Treat FLAC bps <= wasted_bps as error instead of
 crash
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This can happen with some weird inputs, so instead, return an error; we
need at least one “effective” bit per sample so the bits per sample
cannot be less than or equal to the wasted bits per sample.
---
 Userland/Libraries/LibAudio/FlacLoader.cpp | 24 +++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/Userland/Libraries/LibAudio/FlacLoader.cpp b/Userland/Libraries/LibAudio/FlacLoader.cpp
index 758f9cc895..c31f6bbe4c 100644
--- a/Userland/Libraries/LibAudio/FlacLoader.cpp
+++ b/Userland/Libraries/LibAudio/FlacLoader.cpp
@@ -746,7 +746,13 @@ ErrorOr<Vector<i64>, LoaderError> FlacLoaderPlugin::decode_verbatim(FlacSubframe
     Vector<i64> decoded;
     decoded.ensure_capacity(m_current_frame->sample_count);
 
-    VERIFY(subframe.bits_per_sample - subframe.wasted_bits_per_sample != 0);
+    if (subframe.bits_per_sample <= subframe.wasted_bits_per_sample) {
+        return LoaderError {
+            LoaderError::Category::Format,
+            TRY(m_stream->tell()),
+            "Effective verbatim bits per sample are zero"sv,
+        };
+    }
     for (size_t i = 0; i < m_current_frame->sample_count; ++i) {
         decoded.unchecked_append(sign_extend(
             TRY(bit_input.read_bits<u64>(subframe.bits_per_sample - subframe.wasted_bits_per_sample)),
@@ -766,7 +772,13 @@ ErrorOr<void, LoaderError> FlacLoaderPlugin::decode_custom_lpc(Vector<i64>& deco
 
     decoded.ensure_capacity(m_current_frame->sample_count);
 
-    VERIFY(subframe.bits_per_sample - subframe.wasted_bits_per_sample != 0);
+    if (subframe.bits_per_sample <= subframe.wasted_bits_per_sample) {
+        return LoaderError {
+            LoaderError::Category::Format,
+            TRY(m_stream->tell()),
+            "Effective verbatim bits per sample are zero"sv,
+        };
+    }
     // warm-up samples
     for (auto i = 0; i < subframe.order; ++i) {
         decoded.unchecked_append(sign_extend(
@@ -825,7 +837,13 @@ ErrorOr<Vector<i64>, LoaderError> FlacLoaderPlugin::decode_fixed_lpc(FlacSubfram
     Vector<i64> decoded;
     decoded.ensure_capacity(m_current_frame->sample_count);
 
-    VERIFY(subframe.bits_per_sample - subframe.wasted_bits_per_sample != 0);
+    if (subframe.bits_per_sample <= subframe.wasted_bits_per_sample) {
+        return LoaderError {
+            LoaderError::Category::Format,
+            TRY(m_stream->tell()),
+            "Effective verbatim bits per sample are zero"sv,
+        };
+    }
     // warm-up samples
     for (auto i = 0; i < subframe.order; ++i) {
         decoded.unchecked_append(sign_extend(