From 6788d7c168b9dc57c0a062b693195ba3aac43aa6 Mon Sep 17 00:00:00 2001
From: sscobici <sergey.scobich@gmail.com>
Date: Sat, 18 Jan 2025 00:14:12 +0200
Subject: [PATCH] alac: validate mid_side_shift to not overflow

---
 symphonia-codec-alac/src/lib.rs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/symphonia-codec-alac/src/lib.rs b/symphonia-codec-alac/src/lib.rs
index ccb7d54f..ab08d009 100644
--- a/symphonia-codec-alac/src/lib.rs
+++ b/symphonia-codec-alac/src/lib.rs
@@ -658,6 +658,12 @@ fn decode_sce_or_cpe<B: ReadBitsLtr>(
             elem1.predict(&mut out1[..num_samples])?;
 
             if mid_side_weight != 0 {
+                // mid_side_shift should not be bigger than 31 bits as we are shifting i32 to the right
+                // TODO validate if it should be not bigger than config.bit_depth
+                if mid_side_shift > 31 {
+                    return decode_error("alac: mid_side_shift is greater than 31 bit");
+                }
+
                 decorrelate_mid_side(out0, out1, mid_side_weight, mid_side_shift);
             }
         }