From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id 059744753A
	for <ffmpegdev@gitmailbox.com>; Thu,  8 Aug 2024 16:12:29 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 1D3F068D974;
	Thu,  8 Aug 2024 19:12:27 +0300 (EEST)
Received: from relay4-d.mail.gandi.net (relay4-d.mail.gandi.net
 [217.70.183.196])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B3B4568D8EC
 for <ffmpeg-devel@ffmpeg.org>; Thu,  8 Aug 2024 19:12:20 +0300 (EEST)
Received: by mail.gandi.net (Postfix) with ESMTPSA id F21D1E0002
 for <ffmpeg-devel@ffmpeg.org>; Thu,  8 Aug 2024 16:12:19 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc;
 s=gm1; t=1723133540;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=dWrE4xfShmOwnOTWvbcJ8SzeDHgBTE+WQkwgU9o5IL8=;
 b=F9nmzeRGopSKGk/GgZU5bk7UQOYTXlLr3hHMb8G3SsEebGW8yVUHgRCifpU6tRJRKScNMm
 hzgiawVC4+mzOtlaZWf8KsTSwSUMQDefcyEGBjMuZh7BE/LBZq95VbV6NO3qyESWLu8zK/
 MGQaykcXXxyzERcDu0kVAboWKSCCvOdC8rztnC/6uuCWj0s70Eoroe9xkazoT8CqiJ7V9z
 JDAgfWDQZM5BcS+hNyk45amm8tQuYyFwoM41nnEqHlZd2MKpRRn+3KwOnutvJoCjnXXM07
 UqJfETOHUDItixypy4AyKGc5X6otgtXyBZtDHJ2fJpME8wnJBDlcDZA9odobZQ==
Date: Thu, 8 Aug 2024 18:12:19 +0200
From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Message-ID: <20240808161219.GY4991@pb2>
References: <20240807140920.1583-1-kasper93@gmail.com>
 <7da54809-8a5b-4c58-945c-bc3066405143@gmail.com>
MIME-Version: 1.0
In-Reply-To: <7da54809-8a5b-4c58-945c-bc3066405143@gmail.com>
X-GND-Sasl: michael@niedermayer.cc
Subject: Re: [FFmpeg-devel] [PATCH] avformat/mov: ensure required number of
 bytes is read
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Type: multipart/mixed; boundary="===============2040835977589693460=="
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/20240808161219.GY4991@pb2/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>


--===============2040835977589693460==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="GDJz/W9bdKrCnJLF"
Content-Disposition: inline


--GDJz/W9bdKrCnJLF
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Aug 08, 2024 at 01:09:01PM -0300, James Almer wrote:
> On 8/7/2024 11:09 AM, Kacper Michaj=C5=82ow wrote:
> > Fixes: use-of-uninitialized-value
> >=20
> > Found by OSS-Fuzz.
> > ---
> >   libavformat/mov.c | 2 +-
> >   1 file changed, 1 insertion(+), 1 deletion(-)
> >=20
> > diff --git a/libavformat/mov.c b/libavformat/mov.c
> > index 1052691936..f2d8aee766 100644
> > --- a/libavformat/mov.c
> > +++ b/libavformat/mov.c
> > @@ -7096,7 +7096,7 @@ static int mov_read_free(MOVContext *c, AVIOConte=
xt *pb, MOVAtom atom)
> >       if (atom.size < 8)
> >           return 0;
> > -    ret =3D avio_read(pb, content, FFMIN(sizeof(content), atom.size));
> > +    ret =3D ffio_read_size(pb, content, FFMIN(sizeof(content), atom.si=
ze));
> >       if (ret < 0)
> >           return ret;
>=20
> Unrelated (somewhat) to this patch, but why does ffio_read_size() replace
> EOF with INVALIDDATA? Is it a good idea to mask the former?

EOF might be interpreted as normal / no error end of file i guess

thx

[...]

--=20
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If you drop bombs on a foreign country and kill a hundred thousand
innocent people, expect your government to call the consequence
"unprovoked inhuman terrorist attacks" and use it to justify dropping
more bombs and killing more people. The technology changed, the idea is old.

--GDJz/W9bdKrCnJLF
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iF0EABEKAB0WIQSf8hKLFH72cwut8TNhHseHBAsPqwUCZrTuYwAKCRBhHseHBAsP
q/QeAJ9/yejy74gb3fKzuRvPRckbVf1R3gCfaaE8KyJgiycpa1wKTjxWP162Mis=
=+I32
-----END PGP SIGNATURE-----

--GDJz/W9bdKrCnJLF--

--===============2040835977589693460==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

--===============2040835977589693460==--