From patchwork Thu Jun 27 00:40:34 2024
X-Patchwork-Submitter: Kacper Michajlow
X-Patchwork-Id: 50183
From: Kacper Michajłow
To: ffmpeg-devel@ffmpeg.org
Date: Thu, 27 Jun 2024 02:40:34 +0200
Message-ID: <20240627004037.1336-1-kasper93@gmail.com>
Subject: [FFmpeg-devel] [PATCH 1/4] avcodec/jpegxl_parser: ensure input padding is zeroed

Fixes use of uninitialized value, reported by MSAN. Found by OSS-Fuzz.

Signed-off-by: Kacper Michajłow
--- libavcodec/jpegxl_parser.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libavcodec/jpegxl_parser.c b/libavcodec/jpegxl_parser.c index 8c45e1a1b7..f833f844c4 100644 --- a/libavcodec/jpegxl_parser.c +++ b/libavcodec/jpegxl_parser.c
@@ -1419,6 +1419,7 @@ static int try_parse(AVCodecParserContext *s, AVCodecContext *avctx, JXLParseCon } cs_buffer = ctx->cs_buffer; cs_buflen = FFMIN(sizeof(ctx->cs_buffer) - AV_INPUT_BUFFER_PADDING_SIZE, ctx->copied); + memset(ctx->cs_buffer + cs_buflen, 0, AV_INPUT_BUFFER_PADDING_SIZE); } else { cs_buffer = buf; cs_buflen = buf_size;

From patchwork Thu Jun 27 00:40:35 2024
X-Patchwork-Submitter: Kacper Michajlow
X-Patchwork-Id: 50187
From: Kacper Michajłow
To: ffmpeg-devel@ffmpeg.org
Date: Thu, 27 Jun 2024 02:40:35 +0200
Message-ID: <20240627004037.1336-2-kasper93@gmail.com>
In-Reply-To: <20240627004037.1336-1-kasper93@gmail.com>
Subject: [FFmpeg-devel] [PATCH 2/4] avcodec/parser: ensure input padding is zeroed

Fixes use of uninitialized value, reported by MSAN. Found by OSS-Fuzz.

Signed-off-by: Kacper Michajłow
--- libavcodec/parser.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libavcodec/parser.c b/libavcodec/parser.c index af17ee9c15..426cc314fb 100644 --- a/libavcodec/parser.c +++ b/libavcodec/parser.c
@@ -236,6 +236,7 @@ int ff_combine_frame(ParseContext *pc, int next, } pc->buffer = new_buffer; memcpy(&pc->buffer[pc->index], *buf, *buf_size); + memset(&pc->buffer[pc->index + *buf_size], 0, AV_INPUT_BUFFER_PADDING_SIZE); pc->index += *buf_size; return -1; }

From patchwork Thu Jun 27 00:40:36 2024
X-Patchwork-Submitter: Kacper Michajlow
X-Patchwork-Id: 50184
From: Kacper Michajłow
To: ffmpeg-devel@ffmpeg.org
Date: Thu, 27 Jun 2024 02:40:36 +0200
Message-ID: <20240627004037.1336-3-kasper93@gmail.com>
In-Reply-To: <20240627004037.1336-1-kasper93@gmail.com>
Subject: [FFmpeg-devel] [PATCH 3/4] avformat/img2dec: ensure input padding is zeroed

Fixes use of uninitialized value, reported by MSAN. Specifically in jpegxl parser. Found by OSS-Fuzz.

Signed-off-by: Kacper Michajłow
--- libavformat/img2dec.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavformat/img2dec.c b/libavformat/img2dec.c index ba52353074..c667d8574c 100644 --- a/libavformat/img2dec.c +++ b/libavformat/img2dec.c
@@ -549,6 +549,8 @@ int ff_img_read_packet(AVFormatContext *s1, AVPacket *pkt) } } + memset(pkt->data + pkt->size, 0, AV_INPUT_BUFFER_PADDING_SIZE); + if (ret[0] <= 0 || ret[1] < 0 || ret[2] < 0) { if (ret[0] < 0) { res = ret[0];

From patchwork Thu Jun 27 00:40:37 2024
X-Patchwork-Submitter: Kacper Michajlow
X-Patchwork-Id: 50185
From: Kacper Michajłow
To: ffmpeg-devel@ffmpeg.org
Date: Thu, 27 Jun 2024 02:40:37 +0200
Message-ID: <20240627004037.1336-4-kasper93@gmail.com>
In-Reply-To: <20240627004037.1336-1-kasper93@gmail.com>
Subject: [FFmpeg-devel] [PATCH 4/4] avformat/jpegxl_anim_dec: ensure input padding is zeroed

Fixes use of uninitialized value, reported by MSAN. Found by OSS-Fuzz.

Signed-off-by: Kacper Michajłow
--- libavformat/jpegxl_anim_dec.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavformat/jpegxl_anim_dec.c b/libavformat/jpegxl_anim_dec.c index ac95d3b961..2338a2e8c0 100644 --- a/libavformat/jpegxl_anim_dec.c +++ b/libavformat/jpegxl_anim_dec.c @@ -124,6 +124,8 @@ static int jpegxl_anim_read_header(AVFormatContext *s) } } + memset(head + headsize, 0, AV_INPUT_BUFFER_PADDING_SIZE); + /* offset in bits of the animation header */ ret = ff_jpegxl_parse_codestream_header(head, headsize, &meta, 0); if (ret < 0 || meta.animation_offset <= 0)
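
Review bot: PATCH 1/4, libavcodec/jpegxl_parser.c (try_parse): only the ctx->cs_buffer branch gets its padding cleared, while the else branch still takes `cs_buffer = buf; cs_buflen = buf_size;` and relies on whoever filled buf having zeroed the AV_INPUT_BUFFER_PADDING_SIZE bytes behind it. A short comment on the else branch stating that assumption would help. The new memset stays inside cs_buffer only because cs_buflen is clamped by the FFMIN on the line directly above it, so a comment tying the two lines together would keep a later edit from separating them.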
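
Review bot: PATCH 2/4, libavcodec/parser.c (ff_combine_frame): the added memset writes AV_INPUT_BUFFER_PADDING_SIZE bytes starting at pc->index + *buf_size, but the allocation behind `pc->buffer = new_buffer;` is outside the visible context, so the hunk alone does not show that the buffer holds at least pc->index + *buf_size + AV_INPUT_BUFFER_PADDING_SIZE bytes. Please state that in the commit message or widen the context, since an undersized allocation would turn this MSAN fix into an out-of-bounds write. The placement before `pc->index += *buf_size;` is correct and should stay that way.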
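
Review bot: PATCH 3/4, libavformat/img2dec.c (ff_img_read_packet): the memset sits ahead of the `if (ret[0] <= 0 || ret[1] < 0 || ret[2] < 0)` check, so it also runs on the path where the read has failed. Moving it below the error check would limit the write to packets that are actually returned; if it has to stay where it is, a comment saying that pkt->data is valid and carries padding beyond the final pkt->size at this point would make the write easier to audit. The commit message's "Specifically in jpegxl parser" would also be clearer if it said why the padding is not already zero when the packet reaches that parser.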
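
Review bot: PATCH 4/4, libavformat/jpegxl_anim_dec.c (jpegxl_anim_read_header): `memset(head + headsize, 0, AV_INPUT_BUFFER_PADDING_SIZE);` is in bounds only if head has at least headsize + AV_INPUT_BUFFER_PADDING_SIZE bytes, and neither the declaration of head nor the upper bound on headsize is in the visible context. An assertion or a comment next to the memset relating headsize to the size of head would document the invariant the following ff_jpegxl_parse_codestream_header(head, headsize, ...) call depends on.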