This is an automated email from the git hooks/post-receive script.

Git pushed a commit to branch release/4.4
in repository ffmpeg.

commit 93818dbb61b40ab59e5c71f2ceaeed1293b267e3
Author:     Michael Niedermayer <[email protected]>
AuthorDate: Mon Jan 19 22:33:00 2026 +0100
Commit:     Michael Niedermayer <[email protected]>
CommitDate: Tue May 5 18:54:59 2026 +0200

    avcodec/dca_xll: Clear padding in ff_dca_xll_parse()
    
    Fixes: Use of uninitialized memory
    Fixes: 472020020/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DCA_DEC_fuzzer-6433045331902464
    
    Found-by:  continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <[email protected]>
    (cherry picked from commit af86f0ffcc0c7d1e7f36a3d9f602c196008d0e60)
    Signed-off-by: Michael Niedermayer <[email protected]>
---
 libavcodec/dca_xll.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavcodec/dca_xll.c b/libavcodec/dca_xll.c
index 56e89cc1d2..e86dd85375 100644
--- a/libavcodec/dca_xll.c
+++ b/libavcodec/dca_xll.c
@@ -1082,6 +1082,7 @@ static int copy_to_pbr(DCAXllDecoder *s, uint8_t *data, 
int size, int delay)
         return AVERROR(ENOMEM);
 
     memcpy(s->pbr_buffer, data, size);
+    memset(s->pbr_buffer + size, 0, AV_INPUT_BUFFER_PADDING_SIZE);
     s->pbr_length = size;
     s->pbr_delay = delay;
     return 0;
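Review bot: The memset added in copy_to_pbr() writes AV_INPUT_BUFFER_PADDING_SIZE bytes starting at `s->pbr_buffer + size`, so it is in bounds only if the allocation and the size check above the hunk reserve that padding beyond the largest accepted `size`. Only the `return AVERROR(ENOMEM);` tail of that code is visible here, and nothing in the hunk states the invariant. A comment above the memset would record it, for example `/* pbr_buffer is allocated with AV_INPUT_BUFFER_PADDING_SIZE spare bytes; keep them zeroed because bitstream readers may read past pbr_length */`. The same applies to the memset added in parse_frame_pbr() in the second hunk, where the bound on `s->pbr_length + size` is likewise outside the hunk.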
@@ -1136,6 +1137,7 @@ static int parse_frame_pbr(DCAXllDecoder *s, uint8_t 
*data, int size, DCAExssAss
 
     memcpy(s->pbr_buffer + s->pbr_length, data, size);
     s->pbr_length += size;
+    memset(s->pbr_buffer + s->pbr_length, 0, AV_INPUT_BUFFER_PADDING_SIZE);
 
     // Respect decoding delay after synchronization error
     if (s->pbr_delay > 0 && --s->pbr_delay)
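Review bot: The padding clear in parse_frame_pbr() is attached by hand to this one append site, and it sits after the length update here while copy_to_pbr() does it before assigning `s->pbr_length`. Any later edit that appends to the buffer or sets the fill level elsewhere has to remember to repeat the memset, or the uninitialized-read condition this commit fixes can return. Folding the length update and the memset into one small static helper used by these two sites would keep the zeroed-padding guarantee next to the length it depends on. The rest of parse_frame_pbr() is outside the hunk, so whether other statements adjust `s->pbr_length` cannot be confirmed from here.

```c
// Set the PBR fill level and zero the padding that follows it.
static void set_pbr_length(DCAXllDecoder *s, int length)
{
    s->pbr_length = length;
    memset(s->pbr_buffer + length, 0, AV_INPUT_BUFFER_PADDING_SIZE);
}

// … unchanged: memcpy(s->pbr_buffer + s->pbr_length, data, size) in parse_frame_pbr() …
    set_pbr_length(s, s->pbr_length + size);
```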
