[FFmpeg-devel] [PATCH 2/3] avformat/mxfdec: Check that key was read sucessfull
Michael Niedermayer
michael at niedermayer.cc
Wed Aug 14 17:34:20 EEST 2024
Fixes: use of uninitialized value
Fixes: 70932/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4870202133643264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavformat/mxfdec.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
index af0c8a31007..4d5cb28d6dd 100644
--- a/libavformat/mxfdec.c
+++ b/libavformat/mxfdec.c
@@ -1533,7 +1533,8 @@ static int mxf_read_indirect_value(void *arg, AVIOContext *pb, int size)
if (size <= 17)
return 0;
- avio_read(pb, key, 17);
+ if (avio_read(pb, key, 17) != 17)
+ return AVERROR_INVALIDDATA;
/* TODO: handle other types of of indirect values */
if (memcmp(key, mxf_indirect_value_utf16le, 17) == 0) {
return mxf_read_utf16le_string(pb, size - 17, &tagged_value->value);
--
2.45.2
More information about the ffmpeg-devel
mailing list