On Thu, Dec 4, 2014 at 7:14 PM, Vittorio Giovara <[email protected]> wrote: > From: Michael Niedermayer <[email protected]> > > Sample-Id: > msan_uninit-mem_7f3f90a8606a_3018_Sequence_1-Apple_ProRes_422_LT.mov > Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind > Signed-off-by: Vittorio Giovara <[email protected]> > --- > libavformat/mov.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/libavformat/mov.c b/libavformat/mov.c > index 7f288cc..e433f87 100644 > --- a/libavformat/mov.c > +++ b/libavformat/mov.c > @@ -348,7 +348,9 @@ static int mov_read_udta_string(MOVContext *c, > AVIOContext *pb, MOVAtom atom) > if (data_type == 3 || (data_type == 0 && (langcode < 0x400 || > langcode == 0x7fff))) { // MAC Encoded > mov_read_mac_string(c, pb, str_size, str, str_size_alloc); > } else { > - avio_read(pb, str, str_size); > + int ret = avio_read(pb, str, str_size); > + if (ret != str_size) > + return ret < 0 ? ret : AVERROR_INVALIDDATA; > str[str_size] = 0; > } > c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED; > @@ -477,7 +479,8 @@ static int mov_read_dref(MOVContext *c, AVIOContext *pb, > MOVAtom atom) > dref->path = av_mallocz(len+1); > if (!dref->path) > return AVERROR(ENOMEM); > - avio_read(pb, dref->path, len); > + if (avio_read(pb, dref->path, len) != len) > + return pb->error ? pb->error : AVERROR_EOF; > if (len > volume_len && !strncmp(dref->path, > dref->volume, volume_len)) { > len -= volume_len; > memmove(dref->path, dref->path+volume_len, len); > -- > 1.9.3 (Apple Git-50) >
ping -- Vittorio _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
