On 3/8/2019 6:25 AM, Andreas Rheinhardt wrote:
> It is only necessary to zero the initial allocated memory used to store
> the size of laced frames if the block used Xiph lacing. Otherwise no
> unintialized data was ever used, so use av_malloc instead of av_mallocz.
>
> Also use the correct type for the allocations.
>
> Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@googlemail.com>
> ---
> libavformat/matroskadec.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
> index de27d63b17..8a14764d1a 100644
> --- a/libavformat/matroskadec.c
> +++ b/libavformat/matroskadec.c
> @@ -2796,7 +2796,7 @@ static int matroska_parse_laces(MatroskaDemuxContext
> *matroska, uint8_t **buf,
>
> if (!type) {
> *laces = 1;
> - *lace_buf = av_mallocz(sizeof(int));
> + *lace_buf = av_malloc(sizeof(**lace_buf));
> if (!*lace_buf)
> return AVERROR(ENOMEM);
>
> @@ -2808,7 +2808,7 @@ static int matroska_parse_laces(MatroskaDemuxContext
> *matroska, uint8_t **buf,
> *laces = *data + 1;
> data += 1;
> size -= 1;
> - lace_size = av_mallocz(*laces * sizeof(int));
> + lace_size = av_malloc(*laces * sizeof(*lace_size));
> if (!lace_size)
> return AVERROR(ENOMEM);
>
> @@ -2818,6 +2818,8 @@ static int matroska_parse_laces(MatroskaDemuxContext
> *matroska, uint8_t **buf,
> uint8_t temp;
> uint32_t total = 0;
> for (n = 0; res == 0 && n < *laces - 1; n++) {
> + lace_size[n] = 0;
> +
> while (1) {
> if (size <= total) {
> res = AVERROR_INVALIDDATA;
>
Should be ok if tested under Valgrind to make sure there's really no
uninitialized data read.
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
