From f5d039840aca64d0ce79cd08e64423833becf570 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Thu, 19 Dec 2013 04:38:16 +0100
Subject: [PATCH] avformat/swfdec: clear 4 bytes at the end of a packet if they are not initialized
Fixes use of uninitialized memory
Fixes part of msan_uninit-mem_7f055dd0ab1b_9558_videopop_guitar_300k.swf
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer
---
 libavformat/swfdec.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/libavformat/swfdec.c b/libavformat/swfdec.c
index c36c024168..c95b18ec6c 100644
--- a/libavformat/swfdec.c
+++ b/libavformat/swfdec.c
@@ -455,6 +455,7 @@ bitmap_end_skip:
 /* old SWF files containing SOI/EOI as data start */
 /* files created by swink have reversed tag */
 pkt->size -= 4;
+ memset(pkt->data+pkt->size, 0, 4);
 res = avio_read(pb, pkt->data, pkt->size);
 } else {
 res = avio_read(pb, pkt->data + 4, pkt->size - 4);
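Review bot: The added `memset(pkt->data+pkt->size, 0, 4);` carries no comment, and because it writes past the just-reduced `pkt->size` a later reader could mistake it for dead code and remove it. A line above it such as `/* the 4 bytes dropped from size were never written; zero them since they now sit directly after the payload */` would record the intent. The memset covers only the bytes beyond the new size: if the following `avio_read` returns fewer than `pkt->size` bytes, the unread tail inside the packet stays uninitialized unless the code after this hunk shrinks or discards the packet, which is not visible here. Likewise `pkt->size -= 4` depends on the size being at least 4, presumably guaranteed before the hunk; the enclosing block starts and ends outside it.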