From 802713c4e7b41bc2deed754d78649945c3442063 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Alberto=20Delm=C3=A1s?= <adelmas@gmail.com>
Date: Sun, 11 Nov 2012 09:47:39 +0100
Subject: [PATCH] mss2: prevent potential uninitialized reads

The alternative to zeroing on init is setting the corrupted flag in
all cases where pal_pic is not fully written, at the cost of added
complexity.

Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
---
 libavcodec/mss2.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/mss2.c b/libavcodec/mss2.c
index 5f99b7afa4..bec3f45075 100644
--- a/libavcodec/mss2.c
+++ b/libavcodec/mss2.c
@@ -839,8 +839,8 @@ static av_cold int mss2_decode_init(AVCodecContext *avctx)
     if (ret = ff_mss12_decode_init(c, 1, &ctx->sc[0], &ctx->sc[1]))
         return ret;
     c->pal_stride   = c->mask_stride;
-    c->pal_pic      = av_malloc(c->pal_stride * avctx->height);
-    c->last_pal_pic = av_malloc(c->pal_stride * avctx->height);
+    c->pal_pic      = av_mallocz(c->pal_stride * avctx->height);
+    c->last_pal_pic = av_mallocz(c->pal_stride * avctx->height);
     if (!c->pal_pic || !c->last_pal_pic) {
         mss2_decode_end(avctx);
         return AVERROR(ENOMEM);
-- 
2.11.0