[FFmpeg-cvslog] avcodec/hevc: use av_mallocz() for allocating tab_ipm

Michael Niedermayer git at videolan.org
Sat Jan 11 20:38:25 CET 2014


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Sat Jan 11 20:23:51 2014 +0100| [0999f1613bc48ed9d6578a3ad7bcd17610e07fbf] | committer: Michael Niedermayer

avcodec/hevc: use av_mallocz() for allocating tab_ipm

Fixes use of uninitialized memory and out of stack array read
Fixes: signal_sigsegv_ecc526_7846_WPP_C_ericsson_MAIN_2.bit
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0999f1613bc48ed9d6578a3ad7bcd17610e07fbf
---

 libavcodec/hevc.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/hevc.c b/libavcodec/hevc.c
index 43d10f0..9c33da0 100644
--- a/libavcodec/hevc.c
+++ b/libavcodec/hevc.c
@@ -107,7 +107,7 @@ static int pic_arrays_init(HEVCContext *s, const HEVCSPS *sps)
         goto fail;
 
     s->cbf_luma = av_malloc(sps->min_tb_width * sps->min_tb_height);
-    s->tab_ipm  = av_malloc(min_pu_size);
+    s->tab_ipm  = av_mallocz(min_pu_size);
     s->is_pcm   = av_malloc(min_pu_size);
     if (!s->tab_ipm || !s->cbf_luma || !s->is_pcm)
         goto fail;



More information about the ffmpeg-cvslog mailing list