OSDN Git Service
(root)
/
android-x86
/
external-ffmpeg.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
7340718
)
avcodec/iff: ensure that runs with insufficient input dont leave uninitialized bytes...
author
Michael Niedermayer
<michaelni@gmx.at>
Thu, 2 Jan 2014 13:50:48 +0000
(14:50 +0100)
committer
Michael Niedermayer
<michaelni@gmx.at>
Thu, 2 Jan 2014 13:52:02 +0000
(14:52 +0100)
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7fa0dea15eae_8988_test.iff
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
libavcodec/iff.c
patch
|
blob
|
history
diff --git
a/libavcodec/iff.c
b/libavcodec/iff.c
index
4bde0a8
..
f08a0f7
100644
(file)
--- a/
libavcodec/iff.c
+++ b/
libavcodec/iff.c
@@
-488,12
+488,12
@@
static int decode_byterun(uint8_t *dst, int dst_size,
unsigned length;
const int8_t value = *buf++;
if (value >= 0) {
- length =
value + 1
;
- memcpy(dst + x, buf,
FFMIN3(length, dst_size - x, buf_end - buf)
);
+ length =
FFMIN3(value + 1, dst_size - x, buf_end - buf)
;
+ memcpy(dst + x, buf,
length
);
buf += length;
} else if (value > -128) {
- length =
-value + 1
;
- memset(dst + x, *buf++,
FFMIN(length, dst_size - x)
);
+ length =
FFMIN(-value + 1, dst_size - x)
;
+ memset(dst + x, *buf++,
length
);
} else { // noop
continue;
}
OSDN Git Service
