aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorReimar Döffinger <Reimar.Doeffinger@gmx.de>2011-12-30 10:42:55 +0100
committerReimar Döffinger <Reimar.Doeffinger@gmx.de>2011-12-31 16:31:15 +0100
commit42a1f1d7a8cf67eed68db596d6a1e53c0c36e4ab (patch)
tree0277bc963343cfe4268b33097c49b920ab2cba47
parent4962edf88926ae2b06260eb50dbc96dcd4199784 (diff)
downloadffmpeg-42a1f1d7a8cf67eed68db596d6a1e53c0c36e4ab.tar.gz
Avoid uninitialized data in lcldec when ofs is 0 in MSZH.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
-rw-r--r--libavcodec/lcldec.c8
-rw-r--r--libavutil/lzo.h3
2 files changed, 7 insertions, 4 deletions
diff --git a/libavcodec/lcldec.c b/libavcodec/lcldec.c
index e288fc3f63..57b04f79f1 100644
--- a/libavcodec/lcldec.c
+++ b/libavcodec/lcldec.c
@@ -96,7 +96,13 @@ static unsigned int mszh_decomp(const unsigned char * srcptr, int srclen, unsign
ofs = FFMIN(ofs, destptr - destptr_bak);
cnt *= 4;
cnt = FFMIN(cnt, destptr_end - destptr);
- av_memcpy_backptr(destptr, ofs, cnt);
+ if (ofs) {
+ av_memcpy_backptr(destptr, ofs, cnt);
+ } else {
+ // Not known what the correct behaviour is, but
+ // this at least avoids uninitialized data.
+ memset(destptr, 0, cnt);
+ }
destptr += cnt;
}
maskbit >>= 1;
diff --git a/libavutil/lzo.h b/libavutil/lzo.h
index 379c08c8c7..060b5c9d76 100644
--- a/libavutil/lzo.h
+++ b/libavutil/lzo.h
@@ -67,9 +67,6 @@ int av_lzo1x_decode(void *out, int *outlen, const void *in, int *inlen);
*
* cnt > back is valid, this will copy the bytes we just copied,
* thus creating a repeating pattern with a period length of back.
- * Note that lcldec currently can set back == 0 - which is wrong and
- * makes no sense, but the code should at least avoid crashing or hanging
- * for this case.
*/
void av_memcpy_backptr(uint8_t *dst, int back, int cnt);