[FFmpeg-cvslog] avformat/iff: shrink packets to the initialized data

Michael Niedermayer git at videolan.org
Sun Dec 15 03:26:01 CET 2013


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Sun Dec 15 01:32:48 2013 +0100| [2b31a9c613f95383d5106f8c1cbcee8eb291090f] | committer: Michael Niedermayer

avformat/iff: shrink packets to the initialized data

Fixes use of uninitialized data
Fixes: msan_uninit-mem_7f65b9788da6_388_24.iff
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2b31a9c613f95383d5106f8c1cbcee8eb291090f
---

 libavformat/iff.c |    2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavformat/iff.c b/libavformat/iff.c
index edf308b..03c4b08 100644
--- a/libavformat/iff.c
+++ b/libavformat/iff.c
@@ -462,6 +462,8 @@ static int iff_read_packet(AVFormatContext *s,
         buf = pkt->data;
         bytestream_put_be16(&buf, 2);
         ret = avio_read(pb, buf, iff->body_size);
+        if (ret>=0 && ret < iff->body_size)
+            av_shrink_packet(pkt, ret + 2);
     } else {
         av_assert0(0);
     }



More information about the ffmpeg-cvslog mailing list