[FFmpeg-cvslog] avformat/sierravmd: Check avio_read return value
Michael Niedermayer
git at videolan.org
Fri Dec 20 01:33:34 CET 2013
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Thu Dec 19 20:48:51 2013 +0100| [a165964f3c4b48041b8f053813761490d57c6222] | committer: Michael Niedermayer
avformat/sierravmd: Check avio_read return value
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f82af392dae_1848_HR060606.VMD
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a165964f3c4b48041b8f053813761490d57c6222
---
libavformat/sierravmd.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/libavformat/sierravmd.c b/libavformat/sierravmd.c
index 8749ec1..9bd42b4 100644
--- a/libavformat/sierravmd.c
+++ b/libavformat/sierravmd.c
@@ -204,7 +204,12 @@ static int vmd_read_header(AVFormatContext *s)
int type;
uint32_t size;
- avio_read(pb, chunk, BYTES_PER_FRAME_RECORD);
+ if ((ret = avio_read(pb, chunk, BYTES_PER_FRAME_RECORD)) != BYTES_PER_FRAME_RECORD) {
+ av_log(s, AV_LOG_ERROR, "Failed to read frame record\n");
+ if (ret >= 0)
+ ret = AVERROR_INVALIDDATA;
+ goto error;
+ }
type = chunk[0];
size = AV_RL32(&chunk[2]);
if (size > INT_MAX / 2) {
More information about the ffmpeg-cvslog
mailing list