[FFmpeg-devel] [PATCH] avformat/mov: ensure required number of bytes is read
Michael Niedermayer
michael at niedermayer.cc
Thu Aug 8 19:12:19 EEST 2024
On Thu, Aug 08, 2024 at 01:09:01PM -0300, James Almer wrote:
> On 8/7/2024 11:09 AM, Kacper Michajłow wrote:
> > Fixes: use-of-uninitialized-value
> >
> > Found by OSS-Fuzz.
> > ---
> > libavformat/mov.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/libavformat/mov.c b/libavformat/mov.c
> > index 1052691936..f2d8aee766 100644
> > --- a/libavformat/mov.c
> > +++ b/libavformat/mov.c
> > @@ -7096,7 +7096,7 @@ static int mov_read_free(MOVContext *c, AVIOContext *pb, MOVAtom atom)
> > if (atom.size < 8)
> > return 0;
> > - ret = avio_read(pb, content, FFMIN(sizeof(content), atom.size));
> > + ret = ffio_read_size(pb, content, FFMIN(sizeof(content), atom.size));
> > if (ret < 0)
> > return ret;
>
> Unrelated (somewhat) to this patch, but why does ffio_read_size() replace
> EOF with INVALIDDATA? Is it a good idea to mask the former?
EOF might be interpreted as normal / no error end of file i guess
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
If you drop bombs on a foreign country and kill a hundred thousand
innocent people, expect your government to call the consequence
"unprovoked inhuman terrorist attacks" and use it to justify dropping
more bombs and killing more people. The technology changed, the idea is old.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20240808/061a3205/attachment.sig>
More information about the ffmpeg-devel
mailing list