[FFmpeg-devel] Attention FATE maintainers

Reimar Döffinger Reimar.Doeffinger
Fri Jan 22 19:12:43 CET 2010

On Fri, Jan 22, 2010 at 02:42:08PM -0200, Ramiro Polla wrote:
> ==10673== Conditional jump or move depends on uninitialised value(s)
> ==10673==    at 0x8452DF: av_adler32_update (adler32.c:43)
> ==10673==    by 0x44804A: framecrc_write_packet (framecrcenc.c:27)
> ==10673==    by 0x41E6D3: av_interleaved_write_frame (utils.c:2797)
> ==10673==    by 0x405FDC: write_frame (ffmpeg.c:550)
> ==10673==    by 0x4083AB: output_packet (ffmpeg.c:771)
> ==10673==    by 0x40B76C: av_encode (ffmpeg.c:2314)
> ==10673==    by 0x40C0FD: main (ffmpeg.c:4018)

There's a valgrind option to make it tell where the uninitialized memory was allocated.
Anyway, try checking in decode_init the av_malloc to av_mallocz.
I think that's a good idea to avoid returning random data on invalid streams,
and it might even be required by the codec.
Of course it would be even more helpful if the main vb_decode_framedata and
vb_decode_palette functions actually cared about the size of the input
buffer at all, like this they are most likely to just crash with broken files...
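
The two points in the message above (zeroed frame allocation and input-size checks), shown as an added example that is not part of the original message or of FFmpeg's code. The `ToyDec` type, the `toy_*` functions and the packet layout are hypothetical; `calloc` stands in for the role `av_mallocz` plays in FFmpeg.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical toy decoder state, not FFmpeg's VB decoder. */
typedef struct { uint8_t *frame; size_t frame_size; } ToyDec;

/* Zeroing allocation: pixels the stream never writes are 0, not heap leftovers. */
static int toy_init(ToyDec *d, size_t frame_size) {
    d->frame = calloc(1, frame_size);
    d->frame_size = frame_size;
    return d->frame ? 0 : -1;
}

/* Constructed packet format: repeated [offset:u16le][len:u8][len bytes].
 * Each read is checked against the remaining input, each write against the frame. */
static int toy_decode(ToyDec *d, const uint8_t *buf, size_t size) {
    size_t pos = 0;
    while (pos < size) {
        if (size - pos < 3) return -1;               /* truncated header */
        size_t off = buf[pos] | (size_t)buf[pos + 1] << 8;
        size_t len = buf[pos + 2];
        pos += 3;
        if (len > size - pos) return -1;             /* payload runs past input */
        if (off > d->frame_size || len > d->frame_size - off) return -1;
        memcpy(d->frame + off, buf + pos, len);
        pos += len;
    }
    return 0;
}

/* Adler-32 over the frame, the kind of checksum a framecrc-style output uses. */
static uint32_t toy_adler32(const uint8_t *p, size_t n) {
    uint32_t a = 1, b = 0;
    for (size_t i = 0; i < n; i++) { a = (a + p[i]) % 65521; b = (b + a) % 65521; }
    return b << 16 | a;
}

int main(void) {
    const uint8_t bad[] = {4, 0, 5, 0xAA};  /* constructed: claims 5 bytes, carries 1 */
    ToyDec d;
    if (toy_init(&d, 16)) return 1;
    int r = toy_decode(&d, bad, sizeof bad);
    printf("decode=%d adler32=%08x\n", r, (unsigned)toy_adler32(d.frame, d.frame_size));
    free(d.frame);
    return 0;
}
```

With the zeroed buffer the checksum of a rejected packet's frame is the same on every run, so a memory checker has no uninitialised bytes to flag in the checksum loop.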
