avformat/siff: check avio_read() return value before returning packet

Fixes: /ld/michael/ffmpeg_uninit/ffmpeg_uninit/done/msan_uninit-mem_7fb3e0fa86e9_1980_INTRO_B.VB
Fixes use of uninitialized memory
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

diff --git a/libavformat/siff.c b/libavformat/siff.c
index c8b68ab..8da6c2f 100644 (file)
--- a/libavformat/siff.c
+++ b/libavformat/siff.c
@@ -216,7 +216,10 @@ static int siff_read_packet(AVFormatContext *s, AVPacket *pkt)
             AV_WL16(pkt->data, c->flags);
             if (c->gmcsize)
                 memcpy(pkt->data + 2, c->gmc, c->gmcsize);
-            avio_read(s->pb, pkt->data + 2 + c->gmcsize, size);
+            if (avio_read(s->pb, pkt->data + 2 + c->gmcsize, size) != size) {
+                av_free_packet(pkt);
+                return AVERROR_INVALIDDATA;
+            }
             pkt->stream_index = 0;
             c->curstrm = -1;
         }else{