diff options
author | Reimar Döffinger <Reimar.Doeffinger@gmx.de> | 2011-12-30 10:42:55 +0100 |
---|---|---|
committer | Reimar Döffinger <Reimar.Doeffinger@gmx.de> | 2011-12-31 16:31:15 +0100 |
commit | 42a1f1d7a8cf67eed68db596d6a1e53c0c36e4ab (patch) | |
tree | 0277bc963343cfe4268b33097c49b920ab2cba47 | |
parent | 4962edf88926ae2b06260eb50dbc96dcd4199784 (diff) | |
download | ffmpeg-42a1f1d7a8cf67eed68db596d6a1e53c0c36e4ab.tar.gz |
Avoid uninitialized data in lcldec when ofs is 0 in MSZH.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
-rw-r--r-- | libavcodec/lcldec.c | 8 | ||||
-rw-r--r-- | libavutil/lzo.h | 3 |
2 files changed, 7 insertions, 4 deletions
diff --git a/libavcodec/lcldec.c b/libavcodec/lcldec.c index e288fc3f63..57b04f79f1 100644 --- a/libavcodec/lcldec.c +++ b/libavcodec/lcldec.c @@ -96,7 +96,13 @@ static unsigned int mszh_decomp(const unsigned char * srcptr, int srclen, unsign ofs = FFMIN(ofs, destptr - destptr_bak); cnt *= 4; cnt = FFMIN(cnt, destptr_end - destptr); - av_memcpy_backptr(destptr, ofs, cnt); + if (ofs) { + av_memcpy_backptr(destptr, ofs, cnt); + } else { + // Not known what the correct behaviour is, but + // this at least avoids uninitialized data. + memset(destptr, 0, cnt); + } destptr += cnt; } maskbit >>= 1; diff --git a/libavutil/lzo.h b/libavutil/lzo.h index 379c08c8c7..060b5c9d76 100644 --- a/libavutil/lzo.h +++ b/libavutil/lzo.h @@ -67,9 +67,6 @@ int av_lzo1x_decode(void *out, int *outlen, const void *in, int *inlen); * * cnt > back is valid, this will copy the bytes we just copied, * thus creating a repeating pattern with a period length of back. - * Note that lcldec currently can set back == 0 - which is wrong and - * makes no sense, but the code should at least avoid crashing or hanging - * for this case. */ void av_memcpy_backptr(uint8_t *dst, int back, int cnt); |