diff options
| author | Michael Niedermayer <michaelni@gmx.at> | 2013-12-13 19:50:34 +0100 |
|---|---|---|
| committer | Michael Niedermayer <michaelni@gmx.at> | 2013-12-13 19:51:47 +0100 |
| commit | 7d7a701362867439e9ce04fb0227b53de62704c4 (patch) | |
| tree | b79f7d3a90361f05c34458e00f0ba75894553aea /libavformat/ipmovie.c | |
| parent | 7439475e69f333541c3647f6b9eb5b5af073cb64 (diff) | |
| download | ffmpeg-streaming-7d7a701362867439e9ce04fb0227b53de62704c4.zip ffmpeg-streaming-7d7a701362867439e9ce04fb0227b53de62704c4.tar.gz | |
avformat/ipmovie: Fix use of uninitialized memory in OPCODE_INIT_VIDEO_BUFFERS
Fixes: msan_uninit-mem_7ffe323a25f3_5929_ipmovie_interplayvideo_interplay_dpcm__bislogo.mve
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Diffstat (limited to 'libavformat/ipmovie.c')
| -rw-r--r-- | libavformat/ipmovie.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/libavformat/ipmovie.c b/libavformat/ipmovie.c index 368c059..ff5699a 100644 --- a/libavformat/ipmovie.c +++ b/libavformat/ipmovie.c @@ -376,7 +376,9 @@ static int process_ipmovie_chunk(IPMVEContext *s, AVIOContext *pb, case OPCODE_INIT_VIDEO_BUFFERS: av_dlog(NULL, "initialize video buffers\n"); - if ((opcode_version > 2) || (opcode_size > 8) || opcode_size < 4) { + if ((opcode_version > 2) || (opcode_size > 8) || opcode_size < 4 + || opcode_version == 2 && opcode_size < 8 + ) { av_dlog(NULL, "bad init_video_buffers opcode\n"); chunk_type = CHUNK_BAD; break; |
