diff mbox

[FFmpeg-devel] avformat/tls_schannel: Fix use of uninitialized variable

Message ID CA+op6QbPgd3+vA+p99Yz_gz8N_8fwGEVJBGtiupcBGMeTynnLQ@mail.gmail.com
State Withdrawn
Headers show

Commit Message

Paweł Wegner Aug. 17, 2018, 9:44 a.m. UTC 
Yes, this works as well. I attached fixed patch.

On Fri, Aug 17, 2018 at 11:15 AM Carl Eugen Hoyos <ceffmpeg@gmail.com>
wrote:

> 2018-08-03 20:28 GMT+02:00, Paweł Wegner <pawel.wegner95@gmail.com>:
>
> > One could copy the initialization to the top from the while loop:
> >   init_sec_buffer(&outbuf[0], SECBUFFER_TOKEN, NULL, 0);
> >   init_sec_buffer(&outbuf[1], SECBUFFER_ALERT, NULL, 0);
> >   init_sec_buffer(&outbuf[2], SECBUFFER_EMPTY, NULL, 0);
> >   init_sec_buffer_desc(&outbuf_desc, outbuf, 3);
>
> I was thinking about "SecBuffer outbuf = { 0 };
> Does that work?
>
> Carl Eugen
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
diff mbox

Patch

From 496254b96fe889f7a4aa89817c384ee55afc81d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Wegner?= <pawel.wegner95@gmail.com>
Date: Thu, 2 Aug 2018 21:08:12 +0200
Subject: [PATCH] avformat/tls_schannel: Fix use of uninitialized variable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes: runtime error: passing uninitialized value to FreeContextBuffer
causes a crash

Signed-off-by: Paweł Wegner <pawel.wegner95@gmail.com>
---
 libavformat/tls_schannel.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavformat/tls_schannel.c b/libavformat/tls_schannel.c
index f41b007773..4f0badcb8d 100644
--- a/libavformat/tls_schannel.c
+++ b/libavformat/tls_schannel.c
@@ -148,7 +148,7 @@  static int tls_client_handshake_loop(URLContext *h, int initial)
     TLSContext *c = h->priv_data;
     TLSShared *s = &c->tls_shared;
     SECURITY_STATUS sspi_ret;
-    SecBuffer outbuf[3];
+    SecBuffer outbuf[3] = { 0 };
     SecBufferDesc outbuf_desc;
     SecBuffer inbuf[2];
     SecBufferDesc inbuf_desc;
-- 
2.17.1