From 08a3e71ce56a90ed8f44ed5479b4487cc56a43e8 Mon Sep 17 00:00:00 2001
From: Paul Brossier <piem@piem.org>
Date: Thu, 8 May 2025 18:44:39 +0200
Subject: [PATCH] [tempo] prevent oob access in beattracking (closes gh-409)

---
 src/tempo/beattracking.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/tempo/beattracking.c b/src/tempo/beattracking.c
index 6031fe2c..96483f01 100644
--- a/src/tempo/beattracking.c
+++ b/src/tempo/beattracking.c
@@ -199,7 +199,13 @@ aubio_beattracking_do (aubio_beattracking_t * bt, const fvec_t * dfframe,
   fvec_zeros (bt->phout);
   for (i = 0; i < bp; i++) {
     for (k = 0; k < kmax; k++) {
-      bt->phout->data[i] += bt->dfrev->data[i + (uint_t) ROUND (bp * k)];
+      uint_t idx = i + (uint_t) ROUND (bp * k);
+      if (idx < bt->dfrev->length)
+        bt->phout->data[i] += bt->dfrev->data[idx];
+#if AUBIO_BEAT_WARNINGS
+      else
+        AUBIO_WRN ("[tempo] out of bounds index %d", idx);
+#endif
     }
   }
   fvec_weight (bt->phout, bt->phwv);
-- 
2.11.0