MPEG Audio frame header must be 4 bytes. If we fail to read 4 bytes bail early to avoid Use-of-uninitialized-value msan error. Reference https://crbug.com/666874.
From 5ed6e20c09840320784c43b86b75b3ede69742f6 Mon Sep 17 00:00:00 2001 From: Chris Cunningham <chcunning...@chromium.org> Date: Tue, 22 Nov 2016 13:54:50 -0800 Subject: [PATCH] mp3dec: fix msan warning when verifying mpa header
MPEG Audio frame header must be 4 bytes. If we fail to read 4 bytes bail early to avoid Use-of-uninitialized-value msan error. Reference https://crbug.com/666874. --- libavformat/mp3dec.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavformat/mp3dec.c b/libavformat/mp3dec.c index 291cf56..64217b2 100644 --- a/libavformat/mp3dec.c +++ b/libavformat/mp3dec.c @@ -461,7 +461,8 @@ static int check(AVIOContext *pb, int64_t pos, uint32_t *ret_header) return CHECK_SEEK_FAILED; ret = avio_read(pb, &header_buf[0], 4); - if (ret < 0) + /* We should always find four bytes for a valid mpa header. */ + if (ret < 4) return CHECK_SEEK_FAILED; header = AV_RB32(&header_buf[0]); -- 2.8.0.rc3.226.g39d4020
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
