From patchwork Wed Dec 14 23:39:59 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Matthew Wolenetz
X-Patchwork-Id: 1790
From: Matthew Wolenetz Date: Wed, 14 Dec 2016 15:39:59 -0800 X-Google-Sender-Auth: jXGRAxd1uXvicjbvfqFsQuKWnuY Message-ID: To: FFmpeg development discussions and patches X-Content-Filtered-By: Mailman/MimeDel 2.1.20 Subject: [FFmpeg-devel] [PATCH] mp3dec: fix msan warning when verifying mpa header X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Chrome Cunningham Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" MPEG Audio frame header must be 4 bytes. If we fail to read 4 bytes bail early to avoid Use-of-uninitialized-value msan error. Reference https://crbug.com/666874. From 5ed6e20c09840320784c43b86b75b3ede69742f6 Mon Sep 17 00:00:00 2001 From: Chris Cunningham Date: Tue, 22 Nov 2016 13:54:50 -0800 Subject: [PATCH] mp3dec: fix msan warning when verifying mpa header MPEG Audio frame header must be 4 bytes. If we fail to read 4 bytes bail early to avoid Use-of-uninitialized-value msan error. Reference https://crbug.com/666874. --- libavformat/mp3dec.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavformat/mp3dec.c b/libavformat/mp3dec.c index 291cf56..64217b2 100644 --- a/libavformat/mp3dec.c +++ b/libavformat/mp3dec.c @@ -461,7 +461,8 @@ static int check(AVIOContext *pb, int64_t pos, uint32_t *ret_header) return CHECK_SEEK_FAILED; ret = avio_read(pb, &header_buf[0], 4); - if (ret < 0) + /* We should always find four bytes for a valid mpa header. */ + if (ret < 4) return CHECK_SEEK_FAILED; header = AV_RB32(&header_buf[0]); -- 2.8.0.rc3.226.g39d4020
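Review bot: at the new `if (ret < 4)` check in check(), a short read of 0 to 3 bytes is reported as CHECK_SEEK_FAILED, the same code returned for the failed seek just above it and for a negative avio_read() error, so a truncated header, end of input and an I/O error become indistinguishable to whoever handles the result. If that distinction matters to the caller, a separate return value for the short-read case would preserve it; if it does not, the added comment should say so. The comment itself ("We should always find four bytes for a valid mpa header") would be more useful if it stated the actual hazard: AV_RB32(&header_buf[0]) reads all four bytes of header_buf, so a partial read would leave it consuming uninitialized bytes. The literal 4 now appears in both the avio_read() call and the comparison; one named constant for the header length would keep the two in sync.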