This is an automated email from the git hooks/post-receive script.

Git pushed a commit to branch release/4.4
in repository ffmpeg.

commit 1a5275bc3662bab85b371650337467f3ea830b83
Author:     Timo Rothenpieler <[email protected]>
AuthorDate: Sat Jan 3 19:55:56 2026 +0100
Commit:     Michael Niedermayer <[email protected]>
CommitDate: Tue May 5 18:54:55 2026 +0200

    avcodec/notchlc: zero-initialize history buffer
    
    Otherwise a specially crafted bitstream can potentially read
    uninitialized stack memory.
    
    Fixes #YWH-PGM40646-37
    
    (cherry picked from commit b5d6cfd55b3f61a27823899c4b26997ca5216024)
    Signed-off-by: Michael Niedermayer <[email protected]>
---
 libavcodec/notchlc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/notchlc.c b/libavcodec/notchlc.c
index 15b383d626..2901cb263a 100644
--- a/libavcodec/notchlc.c
+++ b/libavcodec/notchlc.c
@@ -78,7 +78,7 @@ static int lz4_decompress(AVCodecContext *avctx,
                           PutByteContext *pb)
 {
     unsigned reference_pos, match_length, delta, pos = 0;
-    uint8_t history[64 * 1024];
+    uint8_t history[64 * 1024] = { 0 };
 
     while (bytestream2_get_bytes_left(gb) > 0) {
         uint8_t token = bytestream2_get_byte(gb);
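Review bot: The `= { 0 }` initializer on `history` carries no comment saying it is a security fix, so a later cleanup could drop it as a redundant 64 KiB clear on every call to `lz4_decompress`. Add a one-line comment above the declaration stating that a match reference in the bitstream may point at history bytes this stream has not yet written. Zero-filling makes such reads deterministic instead of rejecting them. Whether a reference past the bytes produced so far (tracked in `pos`) should return an error instead cannot be decided from this hunk, but it is worth checking where `delta` and `reference_pos` are used further down in the function.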

_______________________________________________
ffmpeg-cvslog mailing list -- [email protected]
To unsubscribe send an email to [email protected]
