On Mon, Aug 05, 2024 at 02:08:06AM +0200, Kacper Michajlow wrote:
> On Sun, 4 Aug 2024 at 16:23, Michael Niedermayer wrote:
> >
> > Fixes: use-of-uninitialized-value
> > Fixes: 70837/clusterfuzz-testcase-minimized-ffmpeg_dem_JPEGXL_ANIM_fuzzer-5089407768526848
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer
> > ---
> >  libavformat/jpegxl_anim_dec.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/libavformat/jpegxl_anim_dec.c b/libavformat/jpegxl_anim_dec.c
> > index ac95d3b9617..3045167e1f9 100644
> > --- a/libavformat/jpegxl_anim_dec.c
> > +++ b/libavformat/jpegxl_anim_dec.c
> > @@ -77,7 +77,7 @@ static int jpegxl_anim_read_header(AVFormatContext *s)
> >  JXLAnimDemuxContext *ctx = s->priv_data;
> >  AVIOContext *pb = s->pb;
> >  AVStream *st;
> > - uint8_t head[256 + AV_INPUT_BUFFER_PADDING_SIZE];
> > + uint8_t head[256 + AV_INPUT_BUFFER_PADDING_SIZE] = {0};
> >  const int sizeofhead = sizeof(head) - AV_INPUT_BUFFER_PADDING_SIZE;
> >  int headsize = 0, ret;
> >  FFJXLMetadata meta = { 0 };
> > --
> > 2.45.2
>
> Not sure it is required to zero the whole buffer. I sent an
> alternative patch some time ago, which clears only the relevant area.
> https://patchwork.ffmpeg.org/project/ffmpeg/patch/20240627004037.1336-4-kasper93@gmail.com/

I'll apply yours then instead

thx

[...]

--
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I am the wisest man alive, for I know one thing, and that is that I know nothing. -- Socrates
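Review bot: the `= {0}` initializer in the `@@ -77,7 +77,7 @@` hunk zeroes all 256 + AV_INPUT_BUFFER_PADDING_SIZE bytes of `head` on every call to jpegxl_anim_read_header, but nothing in the hunk shows why code later in the function reads bytes of `head` that were never filled from `pb`, so the actual defect (a read past the bytes counted in `headsize`, up to `sizeofhead`) stays unaddressed and could resurface if the initializer is later dropped. Either clear only the tail beyond what was actually read, as the alternative patch linked in the reply does, or bound the parser to the bytes actually read, and add a one-line comment on the declaration stating which reader depends on the zeroed region. The commit message should also name the read that produced the use-of-uninitialized-value, since `Fixes: use-of-uninitialized-value` plus a fuzzer case id does not tell the next maintainer why the whole buffer needed initializing.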