avcodec/iff: ensure that runs with insufficient input dont leave uninitialized bytes in the output

Fixes use of uninitialized memory Fixes: msan_uninit-mem_7fa0dea15eae_8988_test.iff Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

avcodec/iff: ensure that runs with insufficient input dont leave uninitialized bytes in the output
Fixes use of uninitialized memory Fixes: msan_uninit-mem_7fa0dea15eae_8988_test.iff Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
4843227b · Michael Niedermayer · 7340718d · 4843227b
Commit 4843227b authored Jan 02, 2014 by Michael Niedermayer
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 4 deletions

iff.c libavcodec/iff.c +4 -4

No files found.
--- a/libavcodec/iff.c
+++ b/libavcodec/iff.c
@@ -488,12 +488,12 @@ static int decode_byterun(uint8_t *dst, int dst_size,
        unsigned length;
        const int8_t value = *buf++;
        if (value >= 0) {
-            length = value + 1;
+            length = FFMIN3(value + 1, dst_size - x, buf_end - buf);
-            memcpy(dst + x, buf, FFMIN3(length, dst_size - x, buf_end - buf));
+            memcpy(dst + x, buf, length);
            buf += length;
        } else if (value > -128) {
-            length = -value + 1;
+            length = FFMIN(-value + 1, dst_size - x);
-            memset(dst + x, *buf++, FFMIN(length, dst_size - x));
+            memset(dst + x, *buf++, length);
        } else { // noop
            continue;
        }