[FFmpeg-cvslog] avcodec/cbs_sei: Always zero-initialize SEI payload

Andreas Rheinhardt git at videolan.org
Tue Aug 6 21:27:08 EEST 2024


ffmpeg | branch: master | Andreas Rheinhardt <andreas.rheinhardt at outlook.com> | Tue Aug  6 19:47:49 2024 +0200| [bfcee368e28823b1289240ae061ccc8ee28cf33e] | committer: Andreas Rheinhardt

avcodec/cbs_sei: Always zero-initialize SEI payload

Fixes: Use-of-uninitialized value
Fixes: clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_METADATA_fuzzer-5458626041413632

Reviewed-by: Michael Niedermayer <michael at niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at outlook.com>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bfcee368e28823b1289240ae061ccc8ee28cf33e
---

 libavcodec/cbs_sei.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/libavcodec/cbs_sei.c b/libavcodec/cbs_sei.c
index eefa07cf00..458751d92e 100644
--- a/libavcodec/cbs_sei.c
+++ b/libavcodec/cbs_sei.c
@@ -41,7 +41,6 @@ int ff_cbs_sei_alloc_message_payload(SEIRawMessage *message,
                                      const SEIMessageTypeDescriptor *desc)
 {
     void (*free_func)(FFRefStructOpaque, void*);
-    unsigned flags = 0;
 
     av_assert0(message->payload     == NULL &&
                message->payload_ref == NULL);
@@ -53,10 +52,9 @@ int ff_cbs_sei_alloc_message_payload(SEIRawMessage *message,
         free_func = &cbs_free_user_data_unregistered;
     else {
         free_func = NULL;
-        flags = FF_REFSTRUCT_FLAG_NO_ZEROING;
     }
 
-    message->payload_ref = ff_refstruct_alloc_ext(desc->size, flags,
+    message->payload_ref = ff_refstruct_alloc_ext(desc->size, 0,
                                                   NULL, free_func);
     if (!message->payload_ref)
         return AVERROR(ENOMEM);
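Review bot: The bare `0` now passed at the `ff_refstruct_alloc_ext(desc->size, 0,` call gives no hint that zeroing is required for correctness, so a later cleanup could restore `FF_REFSTRUCT_FLAG_NO_ZEROING` and bring back the use-of-uninitialized-value report. A one-line comment at the call saying the payload must start zeroed because not every field is guaranteed to be written before it is read would guard against that. The commit message names the fuzzer test case but not which SEI payload type left fields unset; recording that would help, since zeroing every payload covers the symptom without identifying the path that skipped the write. As a style point, the `else` branch is down to the single statement `free_func = NULL;`, so its braces can be dropped.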


