mxfdec: Check that key was read sucessfull

Michael Niedermayer Wed, 14 Aug 2024 07:34:54 -0700

Fixes: use of uninitialized value
Fixes: 
70932/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4870202133643264


Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
---
 libavformat/mxfdec.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
index af0c8a31007..4d5cb28d6dd 100644
--- a/libavformat/mxfdec.c
+++ b/libavformat/mxfdec.c
@@ -1533,7 +1533,8 @@ static int mxf_read_indirect_value(void *arg, AVIOContext 
*pb, int size)
     if (size <= 17)
         return 0;
 
-    avio_read(pb, key, 17);
+    if (avio_read(pb, key, 17) != 17)
+        return AVERROR_INVALIDDATA;
     /* TODO: handle other types of of indirect values */
     if (memcmp(key, mxf_indirect_value_utf16le, 17) == 0) {
         return mxf_read_utf16le_string(pb, size - 17, &tagged_value->value);
-- 
2.45.2

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH 2/3] avformat/mxfdec: Check that key was read sucessfull

Reply via email to