| Message ID | 1593348379-23289-1-git-send-email-lance.lmwang@gmail.com |
|---|---|
| State | Accepted |
| Commit | b6f505ce0ae7bcb05a4ad118753407fd7d022829 |
| Headers | show |
| Series | [FFmpeg-devel,v2] avcodec/mpeg12dec: Fix uninitialized data in fate-sub-cc-scte20 | expand |
| Context | Check | Description |
|---|---|---|
| andriy/default | pending | |
| andriy/make | success | Make finished |
| andriy/make_fate | success | Make fate finished |
On Sun, 28 Jun 2020, lance.lmwang@gmail.com wrote: > From: Limin Wang <lance.lmwang@gmail.com> > > The issue is introduced from a705bcd763e344fa, please tested with below command line: > make V=1 fate-sub-cc-scte20 TARGET_EXEC="valgrind --error-exitcode=1" > > Reported-by: Martin Storsjö <martin@martin.st> > Signed-off-by: Limin Wang <lance.lmwang@gmail.com> > --- > libavcodec/mpeg12dec.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c > index f0f92ac..e9bdccc 100644 > --- a/libavcodec/mpeg12dec.c > +++ b/libavcodec/mpeg12dec.c > @@ -2276,6 +2276,8 @@ static int mpeg_decode_a53_cc(AVCodecContext *avctx, > if (ret >= 0) { > uint8_t field, cc1, cc2; > uint8_t *cap = s1->a53_buf_ref->data; > + > + memset(s1->a53_buf_ref->data + old_size, 0, cc_count * 3); > for (i = 0; i < cc_count && get_bits_left(&gb) >= 26; i++) { > skip_bits(&gb, 2); // priority > field = get_bits(&gb, 2); > -- > 1.8.3.1 OK with me if nobody else has anything more to say. // Martin
On Mon, Jun 29, 2020 at 09:19:56PM +0300, Martin Storsjö wrote: > On Sun, 28 Jun 2020, lance.lmwang@gmail.com wrote: > > > From: Limin Wang <lance.lmwang@gmail.com> > > > > The issue is introduced from a705bcd763e344fa, please tested with below command line: > > make V=1 fate-sub-cc-scte20 TARGET_EXEC="valgrind --error-exitcode=1" > > > > Reported-by: Martin Storsjö <martin@martin.st> > > Signed-off-by: Limin Wang <lance.lmwang@gmail.com> > > --- > > libavcodec/mpeg12dec.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c > > index f0f92ac..e9bdccc 100644 > > --- a/libavcodec/mpeg12dec.c > > +++ b/libavcodec/mpeg12dec.c > > @@ -2276,6 +2276,8 @@ static int mpeg_decode_a53_cc(AVCodecContext *avctx, > > if (ret >= 0) { > > uint8_t field, cc1, cc2; > > uint8_t *cap = s1->a53_buf_ref->data; > > + > > + memset(s1->a53_buf_ref->data + old_size, 0, cc_count * 3); > > for (i = 0; i < cc_count && get_bits_left(&gb) >= 26; i++) { > > skip_bits(&gb, 2); // priority > > field = get_bits(&gb, 2); > > -- > > 1.8.3.1 > > OK with me if nobody else has anything more to say. thanks, will apply. > > // Martin
diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c index f0f92ac..e9bdccc 100644 --- a/libavcodec/mpeg12dec.c +++ b/libavcodec/mpeg12dec.c @@ -2276,6 +2276,8 @@ static int mpeg_decode_a53_cc(AVCodecContext *avctx, if (ret >= 0) { uint8_t field, cc1, cc2; uint8_t *cap = s1->a53_buf_ref->data; + + memset(s1->a53_buf_ref->data + old_size, 0, cc_count * 3); for (i = 0; i < cc_count && get_bits_left(&gb) >= 26; i++) { skip_bits(&gb, 2); // priority field = get_bits(&gb, 2);