diff options
| author | Andreas Rheinhardt <andreas.rheinhardt@outlook.com> | 2024-08-06 19:47:49 +0200 |
|---|---|---|
| committer | Andreas Rheinhardt <andreas.rheinhardt@outlook.com> | 2024-08-06 20:25:23 +0200 |
| commit | bfcee368e28823b1289240ae061ccc8ee28cf33e (patch) | |
| tree | 12c4279f07edcdfbd7b6a5f333c98e26f0217bc0 | |
| parent | 5dfc0cc84129758b4eab2acdc3e186c3116deacd (diff) | |
| download | ffmpeg-bfcee368e28823b1289240ae061ccc8ee28cf33e.tar.gz | |
avcodec/cbs_sei: Always zero-initialize SEI payload
Fixes: Use-of-uninitialized value
Fixes: clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_METADATA_fuzzer-5458626041413632
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
| -rw-r--r-- | libavcodec/cbs_sei.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/libavcodec/cbs_sei.c b/libavcodec/cbs_sei.c index eefa07cf00..458751d92e 100644 --- a/libavcodec/cbs_sei.c +++ b/libavcodec/cbs_sei.c @@ -41,7 +41,6 @@ int ff_cbs_sei_alloc_message_payload(SEIRawMessage *message, const SEIMessageTypeDescriptor *desc) { void (*free_func)(FFRefStructOpaque, void*); - unsigned flags = 0; av_assert0(message->payload == NULL && message->payload_ref == NULL); @@ -53,10 +52,9 @@ int ff_cbs_sei_alloc_message_payload(SEIRawMessage *message, free_func = &cbs_free_user_data_unregistered; else { free_func = NULL; - flags = FF_REFSTRUCT_FLAG_NO_ZEROING; } - message->payload_ref = ff_refstruct_alloc_ext(desc->size, flags, + message->payload_ref = ff_refstruct_alloc_ext(desc->size, 0, NULL, free_func); if (!message->payload_ref) return AVERROR(ENOMEM); |