From patchwork Thu Jun 27 00:40:37 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Kacper Michajlow <kasper93@gmail.com>
X-Patchwork-Id: 50185
Delivered-To: ffmpegpatchwork2@gmail.com
Received: by 2002:a59:bc92:0:b0:482:c625:d099 with SMTP id p18csp164633vqy;
        Wed, 26 Jun 2024 17:57:56 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
 AJvYcCUvA+lZDyqPAwRJRpK9zl7+AsVTiZb0iTq3P1q/8YCL1ciIdOUiVzf/clg0pNpWef41RRAM+CuaYa73DJDjZ0pZsbytyjl0rv/YlA==
X-Google-Smtp-Source: 
 AGHT+IE5VlYX88xKFCPnGgUXdDwD+AtCYLIqUZ0UTRNg22C6fC3XJ2v5oTQRNy3Uokprqas9oP+6
X-Received: by 2002:a05:651c:1511:b0:2ee:494c:c3d3 with SMTP id
 38308e7fff4ca-2ee494cc432mr3481771fa.43.1719449876242;
        Wed, 26 Jun 2024 17:57:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1719449876; cv=none;
        d=google.com; s=arc-20160816;
        b=Vln7gKiatIgCn47mKhY/Ie4E4OsTiazBk5c/xYx+d75BmKO4yo4Lu5DGEIy7OeNY7P
         pXI/Mc7bgqNpiRELJ+FNhjuQKCELQWJu4Hl7FjyHYMhxoEuSx43lbD5L9hb9ZvOaT/0u
         g8Ovz4nB2+SaC5Rb3AsrHJcvSoOcfQvgvpTL3sLBIcr8mPjVY1h6LH2+xdVwhBdOHa8Z
         rzLmIKxen5j2OP0YxXDi3hOiUNPWTSAl5PDjxUhyCNmltxXL1XOU8xFL+B0dWLoL9B4v
         9O4u7B9CQ0KMcO4VPjixZiTADIVoGZhqzE7hZQ/lMzykwJ5/M1/WnuWZRZyykTLCVPJN
         g18w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=sender:errors-to:content-transfer-encoding:cc:reply-to
         :list-subscribe:list-help:list-post:list-archive:list-unsubscribe
         :list-id:precedence:subject:mime-version:references:in-reply-to
         :message-id:date:to:from:dkim-signature:delivered-to;
        bh=MqLGIgiZQ0oxgsYENVlep/0BXlo0B6WksGyAIL/veZQ=;
        fh=VehHF75ibtIiOcMFupA+RvAd8F/HWiWMZFlcjyRnn54=;
        b=DLal7atRE1uD8L/vyVtOfiR0gjO/9lcx3SvPqB9j9Nfa6Un/gLp3AaJPiECCEzHLnS
         0/spHlWrUJcpRy65fQnJOCGbHIoDDx8SPAbeCOjPLIrpjJgF2+xdUpdh1kxwEJgT8Gsk
         dLiNcyT9lrl4m+ti0YrwLJ9wKgsCaXCgcm3QxNMFKuoJ/Jmsqjf0EYmICWsqKjKL9vW8
         jtcPnjzlC3+cdGFkqOMtVz6gwoy8VMboS82zcPk9+VPvflAyWVXUmc91+gtxs2AqXcvG
         6wXey0O4JmJXZZ4crXjwKfvvAOuo5yjAVwGtyMclGfES8MC9hipiyaG3dTvGo/Q6gzKy
         yCbg==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b=lq3klwP3;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100])
        by mx.google.com with ESMTP id
 38308e7fff4ca-2ee4a4c142esi720081fa.487.2024.06.26.17.57.55;
        Wed, 26 Jun 2024 17:57:56 -0700 (PDT)
Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b=lq3klwP3;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id ED87C68D707;
	Thu, 27 Jun 2024 03:41:46 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com
 [209.85.167.41])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id F0D8B68D6E7
 for <ffmpeg-devel@ffmpeg.org>; Thu, 27 Jun 2024 03:41:35 +0300 (EEST)
Received: by mail-lf1-f41.google.com with SMTP id
 2adb3069b0e04-52cd8897c73so6332995e87.2
 for <ffmpeg-devel@ffmpeg.org>; Wed, 26 Jun 2024 17:41:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1719448895; x=1720053695; darn=ffmpeg.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=404NudapaATmu014Bz1D01Q4wSsUIvPiMn5vG9ncXJQ=;
 b=lq3klwP3QOLgk11dQ8gNPAHa21ur7h0zRwFZWb+ZSU7o3f0XPuSN5IFrzUOlSb/I/r
 uUxO4vwxsWFGAFbi1c2O4ln20P7eAW+mf+Zv3UpWseJ/OmE97a6lSNg4kraqgo6WB99k
 WcgwX6mjW3KTWnatYB70HM32Rge8dTD2J87xEAtnf8dN9zaQBhpT0KrH2cR+sph4DZtE
 JCv2pw5EKhXJzdn3HUbGpGCZTjmdhU3SeAVHUkUrOTZxhehNHfYxQGzyf+MIvl4Qoa9T
 EX0EdHWnVArMaEaxydCdNYavJYywl27IxIyA9Tr8esg817nnedpWf81N69LQuTvr7YFR
 ejmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1719448895; x=1720053695;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=404NudapaATmu014Bz1D01Q4wSsUIvPiMn5vG9ncXJQ=;
 b=Cw6C2EIi5WH/Rt0S54uzt7vaEabKUw27qAaJbOR2CxliyBJa2BqUrnKfIVfuXvOD02
 VGdOKUEJCDmYlMBcbqpqt0MztT++w+a9k6vbLIvmThZbd5a9TLQ0Up6Cb1yFPD4cqdk1
 I99K0jvKUXuc4A76WN9DWbchHOtRgNb4MrJZI2M+jcXTzRSL1J1oJ4YR05rX3RFCuZmi
 aficbHV0Az4hvcHqY0QypfRcJiVB4uvdos9Wmy6Ez2WMYZi3ZoYV1Q6RtTCqd7578pGX
 nJPhmUCqkKr5RsyoybgKUOhmGKxJhrtNoZxgaNVHB2aQ5JGqfz8vHUk7Znkx3+WylkHD
 IEGQ==
X-Gm-Message-State: AOJu0Yw9BwxRJQQPOeXULb4B4+adHG/xmq+LoPpFBKSzYVyb+PG3MXTp
 OBTxAfcQ1dzd16GIf9zb1Y95RiI0FSPoi6qWm6EejQ0WmKe4ycVA+9pN7Q==
X-Received: by 2002:a05:6512:b1e:b0:52d:582e:4117 with SMTP id
 2adb3069b0e04-52d582e41e7mr3869520e87.54.1719448894485;
 Wed, 26 Jun 2024 17:41:34 -0700 (PDT)
Received: from localhost.localdomain (89-74-12-251.dynamic.chello.pl.
 [89.74.12.251]) by smtp.gmail.com with ESMTPSA id
 2adb3069b0e04-52e71313206sm18547e87.188.2024.06.26.17.41.33
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 26 Jun 2024 17:41:34 -0700 (PDT)
From: =?utf-8?q?Kacper_Michaj=C5=82ow?= <kasper93@gmail.com>
To: ffmpeg-devel@ffmpeg.org
Date: Thu, 27 Jun 2024 02:40:37 +0200
Message-ID: <20240627004037.1336-4-kasper93@gmail.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240627004037.1336-1-kasper93@gmail.com>
References: <20240627004037.1336-1-kasper93@gmail.com>
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH 4/4] avformat/jpegxl_anim_dec: ensure input
 padding is zeroed
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Cc: =?utf-8?q?Kacper_Michaj=C5=82ow?= <kasper93@gmail.com>
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
X-TUID: xrhPO2m6PSQ9

Fixes use of uninitialized value, reported by MSAN.

Found by OSS-Fuzz.

Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
---
 libavformat/jpegxl_anim_dec.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavformat/jpegxl_anim_dec.c b/libavformat/jpegxl_anim_dec.c
index ac95d3b961..2338a2e8c0 100644
--- a/libavformat/jpegxl_anim_dec.c
+++ b/libavformat/jpegxl_anim_dec.c
@@ -124,6 +124,8 @@ static int jpegxl_anim_read_header(AVFormatContext *s)
         }
     }
 
+    memset(head + headsize, 0, AV_INPUT_BUFFER_PADDING_SIZE);
+
     /* offset in bits of the animation header */
     ret = ff_jpegxl_parse_codestream_header(head, headsize, &meta, 0);
     if (ret < 0 || meta.animation_offset <= 0)