From 3203f2e4513b1f7e141e6401ef2f68e0f04b61aa Mon Sep 17 00:00:00 2001 From: Erik Norvell Date: Thu, 22 Jan 2026 14:49:19 +0100 Subject: [PATCH 1/4] Correct buffer length in output scaling in ivas_objectRenderer_fx.c --- lib_com/options.h | 1 + lib_rend/ivas_objectRenderer_fx.c | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/lib_com/options.h b/lib_com/options.h index b38e1d635..d5c3b2d90 100644 --- a/lib_com/options.h +++ b/lib_com/options.h @@ -101,6 +101,7 @@ #define FIX_BASOP_2332_ASAN_OVERFLOW_IN_EXT_DIRAC_REND /* Nokia: basop issue 2332: Uses predefined memory sizes instead computing wrong */ #define FIX_BASOP_2333_MCMASA_ANA_MEMORY_LEAK /* Nokia: basop issue 2333: Add missing free for direction_vector_e to ivas_mcmasa_ana_fx.c */ #define HARM_COREDECODER_FUNCTIONS /* VA: basop issue 2347: Remove various duplicated code in core-decoder */ +#define FIX_BASOP_2358_SCALING_OOB /* Eri: Basip issue 2358: Clang-18 reports OOB access where scaling is applied to L_FRAME48k instead of output_frame */ /* #################### End BE switches ################################## */ diff --git a/lib_rend/ivas_objectRenderer_fx.c b/lib_rend/ivas_objectRenderer_fx.c index 9c76335e0..abfc23a1e 100644 --- a/lib_rend/ivas_objectRenderer_fx.c +++ b/lib_rend/ivas_objectRenderer_fx.c @@ -436,7 +436,11 @@ ivas_error ivas_td_binaural_renderer_unwrap_fx( FOR( i = 0; i < MAX_OUTPUT_CHANNELS; ++i ) { +#ifdef FIX_BASOP_2358_SCALING_OOB + scale_sig32( output_fx[i], output_frame, -4 ); // Q11 - 4 = Q7 +#else scale_sig32( output_fx[i], L_FRAME48k, -4 ); // Q11 - 4 = Q7 +#endif } IF( NE_32( ( error = ivas_reverb_process_fx( hReverb, transport_config, 0, output_fx, p_reverb_signal_fx, subframe_idx ) ), IVAS_ERR_OK ) ) // Q p_reverb_signal_fx = Q output_fx - 2 = 5 @@ -446,7 +450,11 @@ ivas_error ivas_td_binaural_renderer_unwrap_fx( FOR( i = 0; i < MAX_OUTPUT_CHANNELS; ++i ) { +#ifdef FIX_BASOP_2358_SCALING_OOB + scale_sig32( output_fx[i], output_frame, 4 ); // Q7 + 4 = Q11 +#else scale_sig32( output_fx[i], L_FRAME48k, 4 ); // Q7 + 4 = Q11 +#endif } FOR( i = 0; i < BINAURAL_CHANNELS; ++i ) -- GitLab From dc96f9e8afb18118bf09cd557bccc8303f373d93 Mon Sep 17 00:00:00 2001 From: Erik Norvell Date: Fri, 23 Jan 2026 07:39:04 +0100 Subject: [PATCH 2/4] Limit scaling to initialized values under FIX_BASOP_2358_SCALING_OOB --- Makefile | 2 +- lib_rend/ivas_objectRenderer_fx.c | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index c9ae4493d..690b48193 100644 --- a/Makefile +++ b/Makefile @@ -75,7 +75,7 @@ CFLAGS += -Wunused-but-set-variable LDLIBS += -lm # Clang sanitizer compiler options -CCCLANG = clang +CCCLANG = clang-18 ifeq "$(CLANG)" "0" CC = $(CCCLANG) endif diff --git a/lib_rend/ivas_objectRenderer_fx.c b/lib_rend/ivas_objectRenderer_fx.c index abfc23a1e..bd638a9cb 100644 --- a/lib_rend/ivas_objectRenderer_fx.c +++ b/lib_rend/ivas_objectRenderer_fx.c @@ -434,7 +434,11 @@ ivas_error ivas_td_binaural_renderer_unwrap_fx( { Word16 i; +#ifdef FIX_BASOP_2358_SCALING_OOB + FOR( i = 0; i < hBinRendererTd->NumOfSrcs; ++i ) +#else FOR( i = 0; i < MAX_OUTPUT_CHANNELS; ++i ) +#endif { #ifdef FIX_BASOP_2358_SCALING_OOB scale_sig32( output_fx[i], output_frame, -4 ); // Q11 - 4 = Q7 @@ -448,7 +452,11 @@ ivas_error ivas_td_binaural_renderer_unwrap_fx( return error; } +#ifdef FIX_BASOP_2358_SCALING_OOB + FOR( i = 0; i < hBinRendererTd->NumOfSrcs; ++i ) +#else FOR( i = 0; i < MAX_OUTPUT_CHANNELS; ++i ) +#endif { #ifdef FIX_BASOP_2358_SCALING_OOB scale_sig32( output_fx[i], output_frame, 4 ); // Q7 + 4 = Q11 -- GitLab From 7327b6f799e0d9c8a06016e6bb80c6c9bbafeb8b Mon Sep 17 00:00:00 2001 From: Erik Norvell Date: Fri, 23 Jan 2026 07:54:58 +0100 Subject: [PATCH 3/4] Revert clang-18 in Makefile from debugging --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 690b48193..c9ae4493d 100644 --- a/Makefile +++ b/Makefile @@ -75,7 +75,7 @@ CFLAGS += -Wunused-but-set-variable LDLIBS += -lm # Clang sanitizer compiler options -CCCLANG = clang-18 +CCCLANG = clang ifeq "$(CLANG)" "0" CC = $(CCCLANG) endif -- GitLab From f6f64fbe9a1ce2b0a87488baac48deda103335cb Mon Sep 17 00:00:00 2001 From: Erik Norvell Date: Fri, 23 Jan 2026 14:43:37 +0100 Subject: [PATCH 4/4] Change to num_src for scaling, since it includes LFE channel --- lib_rend/ivas_objectRenderer_fx.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib_rend/ivas_objectRenderer_fx.c b/lib_rend/ivas_objectRenderer_fx.c index bd638a9cb..8ba74dad8 100644 --- a/lib_rend/ivas_objectRenderer_fx.c +++ b/lib_rend/ivas_objectRenderer_fx.c @@ -435,7 +435,7 @@ ivas_error ivas_td_binaural_renderer_unwrap_fx( Word16 i; #ifdef FIX_BASOP_2358_SCALING_OOB - FOR( i = 0; i < hBinRendererTd->NumOfSrcs; ++i ) + FOR( i = 0; i < num_src; ++i ) #else FOR( i = 0; i < MAX_OUTPUT_CHANNELS; ++i ) #endif @@ -453,7 +453,7 @@ ivas_error ivas_td_binaural_renderer_unwrap_fx( } #ifdef FIX_BASOP_2358_SCALING_OOB - FOR( i = 0; i < hBinRendererTd->NumOfSrcs; ++i ) + FOR( i = 0; i < num_src; ++i ) #else FOR( i = 0; i < MAX_OUTPUT_CHANNELS; ++i ) #endif -- GitLab