On Mon, Dec 8, 2014 at 2:50 PM, Luca Barbato <[email protected]> wrote: > On 04/12/14 20:14, Vittorio Giovara wrote: >> >> From: Michael Niedermayer <[email protected]> >> >> Sample-Id: >> msan_uninit-mem_7f3f90a8606a_3018_Sequence_1-Apple_ProRes_422_LT.mov >> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind >> Signed-off-by: Vittorio Giovara <[email protected]> >> --- >> libavformat/mov.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) >> >> diff --git a/libavformat/mov.c b/libavformat/mov.c >> index 7f288cc..e433f87 100644 >> --- a/libavformat/mov.c >> +++ b/libavformat/mov.c >> @@ -348,7 +348,9 @@ static int mov_read_udta_string(MOVContext *c, >> AVIOContext *pb, MOVAtom atom) >> if (data_type == 3 || (data_type == 0 && (langcode < 0x400 || >> langcode == 0x7fff))) { // MAC Encoded >> mov_read_mac_string(c, pb, str_size, str, str_size_alloc); >> } else { >> - avio_read(pb, str, str_size); >> + int ret = avio_read(pb, str, str_size); >> + if (ret != str_size) >> + return ret < 0 ? ret : AVERROR_INVALIDDATA; >> str[str_size] = 0; >> } >> c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED; >> @@ -477,7 +479,8 @@ static int mov_read_dref(MOVContext *c, AVIOContext >> *pb, MOVAtom atom) >> dref->path = av_mallocz(len+1); >> if (!dref->path) >> return AVERROR(ENOMEM); >> - avio_read(pb, dref->path, len); >> + if (avio_read(pb, dref->path, len) != len) >> + return pb->error ? pb->error : AVERROR_EOF; >> if (len > volume_len && !strncmp(dref->path, >> dref->volume, volume_len)) { >> len -= volume_len; >> memmove(dref->path, dref->path+volume_len, len); >> > > Please check if there are other around. > _______________________________________________ > libav-devel mailing list > [email protected] > https://lists.libav.org/mailman/listinfo/libav-devel
not in that function... -- Vittorio _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
