avformat/nutdec: check avio_read() return code

Fixes use of uninitialized memory Fixes: msan_uninit-mem_7f2785ab8669_6838_mewmew_vorbis_ssa.nut Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
author: Michael Niedermayer <michaelni@gmx.at> 2014-01-06 22:58:24 +0100
committer: Michael Niedermayer <michaelni@gmx.at> 2014-01-07 00:26:33 +0100
commit: 71fe97a60ad7dd6fe15238ca0eee1ed3121b5f80 (patch)
tree: 2f1208db485549991a5a8664329a63f6517aa6d3
parent: 523a803b7352564fcd28ec6d5dc0bfb6f8c5534f (diff)
download: ffmpeg-71fe97a60ad7dd6fe15238ca0eee1ed3121b5f80.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c
index 2adc860f32..250e13fd9a 100644
--- a/libavformat/nutdec.c
+++ b/libavformat/nutdec.c
@@ -970,6 +970,7 @@ static int decode_frame(NUTContext *nut, AVPacket *pkt, int frame_code)
     int64_t pts, last_IP_pts;
     StreamContext *stc;
     uint8_t header_idx;
+    int ret;
 
     size = decode_frame_header(nut, &pts, &stream_id, &header_idx, frame_code);
     if (size < 0)
@@ -1006,7 +1007,12 @@ static int decode_frame(NUTContext *nut, AVPacket *pkt, int frame_code)
         pkt->size -= sm_size;
     }
 
-    avio_read(bc, pkt->data + nut->header_len[header_idx], size);
+    ret = avio_read(bc, pkt->data + nut->header_len[header_idx], size);
+    if (ret != size) {
+        if (ret < 0)
+            return ret;
+        av_shrink_packet(pkt, nut->header_len[header_idx] + size);
+    }
 
     pkt->stream_index = stream_id;
     if (stc->last_flags & FLAG_KEY)
author	Michael Niedermayer <michaelni@gmx.at>	2014-01-06 22:58:24 +0100
committer	Michael Niedermayer <michaelni@gmx.at>	2014-01-07 00:26:33 +0100
commit	71fe97a60ad7dd6fe15238ca0eee1ed3121b5f80 (patch)
tree	2f1208db485549991a5a8664329a63f6517aa6d3
parent	523a803b7352564fcd28ec6d5dc0bfb6f8c5534f (diff)
download	ffmpeg-71fe97a60ad7dd6fe15238ca0eee1ed3121b5f80.tar.gz