On Mon, Aug 05, 2024 at 02:02:07AM +0200, Kacper Michajlow wrote:
> On Sun, 4 Aug 2024 at 22:53, Michael Niedermayer <michael@niedermayer.cc> wrote:
> >
> > Fixes: use-of-uninitialized-value
> > Fixes: 70852/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5179190066872320
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > ---
> >  libavcodec/parser.c | 1 +
> >  1 file changed, 1 insertion(+)
> >
> > diff --git a/libavcodec/parser.c b/libavcodec/parser.c
> > index af17ee9c156..426cc314fb0 100644
> > --- a/libavcodec/parser.c
> > +++ b/libavcodec/parser.c
> > @@ -236,6 +236,7 @@ int ff_combine_frame(ParseContext *pc, int next,
> >          }
> >          pc->buffer = new_buffer;
> >          memcpy(&pc->buffer[pc->index], *buf, *buf_size);
> > +        memset(&pc->buffer[pc->index + *buf_size], 0, AV_INPUT_BUFFER_PADDING_SIZE);
> >          pc->index += *buf_size;
> >          return -1;
> >      }
> > --
> > 2.45.2
> 
> We already had patch like that some time ago,
> https://patchwork.ffmpeg.org/project/ffmpeg/patch/20240627004037.1336-2-kasper93@gmail.com/

will apply yours, somehow i missed these

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

What does censorship reveal? It reveals fear. -- Julian Assange