From b3f44eafa5a8748f777d0935d6e5562a604d8770 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Thu, 19 Dec 2013 20:48:51 +0100
Subject: [PATCH] avcodec/iff: warn about truncated input to decode_byterun()
 and clear remaining output

Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7fe205e395ed_8988_test.iff
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavcodec/iff.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libavcodec/iff.c b/libavcodec/iff.c
index e71f5b00b9..4bde0a8117 100644
--- a/libavcodec/iff.c
+++ b/libavcodec/iff.c
@@ -499,6 +499,10 @@ static int decode_byterun(uint8_t *dst, int dst_size,
         }
         x += length;
     }
+    if (x < dst_size) {
+        av_log(NULL, AV_LOG_WARNING, "decode_byterun ended before plane size\n");
+        memset(dst+x, 0, dst_size - x);
+    }
     return buf - buf_start;
 }
 
-- 
2.11.0