[FFmpeg-cvslog] avformat/assdec: make sure pos is initialized

Clément Bœsch git at videolan.org
Sat Oct 4 12:28:12 CEST 2014


ffmpeg | branch: master | Clément Bœsch <u at pkh.me> | Sat Oct  4 12:22:37 2014 +0200| [138902dfb60fbb87fb65a8c4800f8ac661394b72] | committer: Clément Bœsch

avformat/assdec: make sure pos is initialized

Fixes use of uninitialized memory
Fixes: signal_sigsegv_504fb0_10_signal_sigsegv_504fb0_343_mewmew_ssa.avi

Found-by: Mateusz j00ru Jurczyk and Gynvael Coldwind

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=138902dfb60fbb87fb65a8c4800f8ac661394b72
---

 libavformat/assdec.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavformat/assdec.c b/libavformat/assdec.c
index ba7bc8b..87ce2f2 100644
--- a/libavformat/assdec.c
+++ b/libavformat/assdec.c
@@ -57,14 +57,14 @@ static int ass_read_close(AVFormatContext *s)
 static int read_dialogue(ASSContext *ass, AVBPrint *dst, const uint8_t *p,
                          int64_t *start, int *duration)
 {
-    int pos;
+    int pos = 0;
     int64_t end;
     int hh1, mm1, ss1, ms1;
     int hh2, mm2, ss2, ms2;
 
     if (sscanf(p, "Dialogue: %*[^,],%d:%d:%d%*c%d,%d:%d:%d%*c%d,%n",
                &hh1, &mm1, &ss1, &ms1,
-               &hh2, &mm2, &ss2, &ms2, &pos) >= 8) {
+               &hh2, &mm2, &ss2, &ms2, &pos) >= 8 && pos > 0) {
 
         /* This is not part of the sscanf itself in order to handle an actual
          * number (which would be the Layer) or the form "Marked=N" (which is
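Review bot: The `&& pos > 0` test added to the sscanf condition needs a short comment explaining why it is there, because `>= 8` looks sufficient at first glance. `%n` does not count toward sscanf's return value, so a line whose eighth integer is not followed by `,` still returns 8 while `pos` is never written; that is the case the `int pos = 0;` initializer and the new test cover together. A one-line comment such as `/* %n is only stored if the trailing ',' matched */` above the condition would keep a later cleanup from dropping the check. Since the format has exactly eight counted conversions, `== 8` would also state the intent more precisely than `>= 8`.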
