Message ID | 20200819195925.130806-1-tfoucu@gmail.com |
---|---|
State | Superseded |
Headers | show |
Series | [FFmpeg-devel] libavformat/r3d.c: Fix Use-of-uninitialized-value in filename. | expand |
Context | Check | Description |
---|---|---|
andriy/default | pending | |
andriy/make | success | Make finished |
andriy/make_fate | success | Make fate finished |
On 8/19/2020 4:59 PM, Thierry Foucu wrote: > While reading the filename tag, it mays return a EOF and we are still > copying the file with uninitialized value. > --- > libavformat/r3d.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavformat/r3d.c b/libavformat/r3d.c > index 7aa0c5a2c3..7ba589530d 100644 > --- a/libavformat/r3d.c > +++ b/libavformat/r3d.c > @@ -54,7 +54,7 @@ static int r3d_read_red1(AVFormatContext *s) > { > AVStream *st = avformat_new_stream(s, NULL); > R3DContext *r3d = s->priv_data; > - char filename[258]; > + char filename[258] = {}; > int tmp; > int av_unused tmp2; > AVRational framerate; It may be a better idea to check instead if avio_read() actually reads the required 257 bytes, and abort otherwise.
diff --git a/libavformat/r3d.c b/libavformat/r3d.c index 7aa0c5a2c3..7ba589530d 100644 --- a/libavformat/r3d.c +++ b/libavformat/r3d.c @@ -54,7 +54,7 @@ static int r3d_read_red1(AVFormatContext *s) { AVStream *st = avformat_new_stream(s, NULL); R3DContext *r3d = s->priv_data; - char filename[258]; + char filename[258] = {}; int tmp; int av_unused tmp2; AVRational framerate;