From e49c2aab80cb7e6c85642cc4afd0ea471d6ef4b1 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Wed, 23 Jan 2013 04:41:41 +0100
Subject: [PATCH] truemotion2: clear the token array if its initialization
 fails.

Fixes use of uninitialized and half initialized values, which
can occur on several error pathes

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavcodec/truemotion2.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavcodec/truemotion2.c b/libavcodec/truemotion2.c
index fba02f5a04..39091dc70a 100644
--- a/libavcodec/truemotion2.c
+++ b/libavcodec/truemotion2.c
@@ -888,6 +888,8 @@ static int decode_frame(AVCodecContext *avctx,
         t = tm2_read_stream(l, l->buffer + offset, tm2_stream_order[i],
                             buf_size - offset);
         if (t < 0) {
+            int j = tm2_stream_order[i];
+            memset(l->tokens[j], 0, sizeof(**l->tokens) * l->tok_lens[j]);
             return t;
         }
         offset += t;