This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch release/8.1 in repository ffmpeg.
commit 511387e49a1a232b719e579e0a8ac77458914958 Author: Michael Niedermayer <[email protected]> AuthorDate: Sat Mar 7 12:22:35 2026 +0100 Commit: Michael Niedermayer <[email protected]> CommitDate: Sun Mar 15 00:49:54 2026 +0100 avformat/aiffdec: Check for partial read Fixes: read of uninitialized memory Fixes: 490305404/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-6406386140643328 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]> (cherry picked from commit ba0f8083fd630480df873a2bead96e5b2e211dc7) Signed-off-by: Michael Niedermayer <[email protected]> --- libavformat/aiffdec.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/libavformat/aiffdec.c b/libavformat/aiffdec.c index ff47d8dc7b..8ae577cb71 100644 --- a/libavformat/aiffdec.c +++ b/libavformat/aiffdec.c @@ -23,6 +23,7 @@ #include "libavutil/dict.h" #include "libavutil/mem.h" #include "avformat.h" +#include "avio_internal.h" #include "demux.h" #include "internal.h" #include "pcm.h" @@ -368,9 +369,10 @@ static int aiff_read_header(AVFormatContext *s) if (len == 11 && size > 11) { uint8_t chunk[11]; - ret = avio_read(pb, chunk, 11); - if (ret > 0) - size -= ret; + ret = ffio_read_size(pb, chunk, 11); + if (ret < 0) + return ret; + size -= ret; if (!memcmp(chunk, "VADPCMCODES", sizeof(chunk))) { if ((ret = ff_get_extradata(s, st->codecpar, pb, size)) < 0) return ret; _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
