[MPlayer-dev-eng] [PATCH] Fix uninitialized memory read in vd_ffmpeg.c

Reimar Döffinger Reimar.Doeffinger at gmx.de
Wed Mar 9 22:03:27 CET 2011


On Wed, Mar 09, 2011 at 07:49:39PM +0100, Tobias Diedrich wrote:
> Fix uninitialized memory read.
> 
> The debug message shouldn't show uninitialized bogus data if len is <= 16.
> 
> Index: mplayer-patchset1/libmpcodecs/vd_ffmpeg.c
> ===================================================================
> --- mplayer-patchset1.orig/libmpcodecs/vd_ffmpeg.c	2011-02-18 20:08:07.965376000 +0100
> +++ mplayer-patchset1/libmpcodecs/vd_ffmpeg.c	2011-02-18 20:09:34.748589000 +0100
> @@ -828,8 +828,12 @@
>  
>      avctx->hurry_up=(flags&3)?((flags&2)?2:1):0;
>  
> -    mp_msg(MSGT_DECVIDEO, MSGL_DBG2, "vd_ffmpeg data: %04x, %04x, %04x, %04x\n",
> -           ((int *)data)[0], ((int *)data)[1], ((int *)data)[2], ((int *)data)[3]);
> +    if (len >= 16) {
> +        mp_msg(MSGT_DECVIDEO, MSGL_DBG2,
> +               "vd_ffmpeg data: %04x, %04x, %04x, %04x\n",
> +               ((int *)data)[0], ((int *)data)[1],
> +               ((int *)data)[2], ((int *)data)[3]);
> +    }
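
Review bot: The "if (len >= 16)" guard around the mp_msg() call drops the debug line entirely for packets shorter than 16 bytes, which hides exactly the input that is hardest to diagnose. Consider printing only the bytes that exist, clamping the count to len and formatting byte-wise with %02x, rather than skipping the message. That also removes the "((int *)data)[n]" casts, which assume data is int-aligned and make the output depend on host byte order, and a "len > 0 && data" check at the top would cover the empty-packet case without losing output for short ones.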

Required padding is 32 bytes, so this will not use uninitialized data
(unless len is 0 and data NULL I guess - seems like that has never happened
so far though).
Since in addition this change means you can no longer debug packages shorter
than 16 bytes I'm rather against it.
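
A length-bounded form of the debug dump discussed in this thread, as an added example that is not part of the original messages or MPlayer's code: it prints at most 16 leading bytes, never reads past len, and still produces output for short packets. The helper name format_packet_head and the sample packets are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define DUMP_MAX 16  /* same 16-byte window as the four ints in the message */

/* Hypothetical helper (not an MPlayer function): hex-format up to DUMP_MAX
 * leading packet bytes into out without reading past len.
 * Returns the number of packet bytes formatted. */
static size_t format_packet_head(const unsigned char *data, int len,
                                 char *out, size_t out_size)
{
    size_t n, i, pos = 0;

    if (out_size == 0)
        return 0;
    out[0] = '\0';
    if (!data || len <= 0)      /* empty packet: nothing may be read */
        return 0;

    n = (size_t)len < DUMP_MAX ? (size_t)len : DUMP_MAX;
    for (i = 0; i < n; i++) {
        /* worst case per byte: separator + 2 hex digits + terminating NUL */
        if (pos + 4 > out_size)
            break;
        pos += (size_t)snprintf(out + pos, out_size - pos, "%s%02x",
                                (i && i % 4 == 0) ? " " : "", data[i]);
    }
    return i;
}

int main(void)
{
    /* Constructed sample packets, not real stream data. */
    static const unsigned char long_pkt[20] = {
        0x00, 0x00, 0x01, 0xb3, 0x16, 0x00, 0xf0, 0x15, 0xff, 0xff,
        0xe0, 0x18, 0x00, 0x00, 0x01, 0xb5, 0xaa, 0xbb, 0xcc, 0xdd
    };
    static const unsigned char short_pkt[3] = { 0x00, 0x00, 0x01 };
    char buf[64];

    format_packet_head(long_pkt, (int)sizeof(long_pkt), buf, sizeof(buf));
    printf("vd_ffmpeg data: %s\n", buf);
    format_packet_head(short_pkt, (int)sizeof(short_pkt), buf, sizeof(buf));
    printf("vd_ffmpeg data: %s\n", buf);
    format_packet_head(NULL, 0, buf, sizeof(buf));
    printf("vd_ffmpeg data: %s\n", buf);
    return 0;
}
```

Formatting byte by byte also keeps the output independent of host byte order and of the alignment of data.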

