From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.ffmpeg.org (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTPS id E44C34FAE5
	for <ffmpegdev@gitmailbox.com>; Thu, 26 Jun 2025 04:07:52 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.ffmpeg.org (Postfix) with ESMTP id C8AB568E0CB;
	Thu, 26 Jun 2025 07:07:47 +0300 (EEST)
Received: from mail-pj1-f42.google.com (mail-pj1-f42.google.com
 [209.85.216.42])
 by ffbox0-bg.ffmpeg.org (Postfix) with ESMTPS id 936AF68DFF2
 for <ffmpeg-devel@ffmpeg.org>; Thu, 26 Jun 2025 07:07:40 +0300 (EEST)
Received: by mail-pj1-f42.google.com with SMTP id
 98e67ed59e1d1-3122a63201bso435054a91.0
 for <ffmpeg-devel@ffmpeg.org>; Wed, 25 Jun 2025 21:07:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1750910858; x=1751515658; darn=ffmpeg.org;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=XP9cAnT61QYIpv4Ys9iE/Kxri3r7cub7nJOdbCh2khU=;
 b=Di1VfmBXZVkHdO3LYR5jQ1qW285c7Rfl+wYqls4VNx7q2clVyS0F158eGsNh8JJhj9
 WWwNbOrb1kAakihVr6GQWN6bdF4ht9U9HkXw6hyspzQaggMFBot9sRXGa97LtHF5PonJ
 Zubs9gpY0UrnSXrz/m58IGpsx8yoaw8ypDJoABaprVyeDWNkQ9gvqapt8slmqABH/IXh
 n04Nh4i1GaEGSzays7GpLsYlWtkBWEhnfnbFpH5tP9pGHdxTagpBjZO17d1Mijsk9VtH
 LAe4wN4Hhshu0oHfuKJeQFzclf0vKrluFGfqREbP9IyZjliTS7/UXMoLo92EQBZt4U/k
 dmOw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1750910858; x=1751515658;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=XP9cAnT61QYIpv4Ys9iE/Kxri3r7cub7nJOdbCh2khU=;
 b=AiOoCf7vfHQk8FiqIZcOlOTcnrlqo5SOaR4MZcHZfm1KvlC/aC3HBx5T9wOP4gXswT
 OKDJlrcz8eNtogrEpnzIYcbFEeHU2QQ11nGidptqnlR/3ItDF3e245EF8TgUWmqDROGm
 L/Pdy2pVs28pj9zmmIOh08e3lsj8+5WQJyvXDOnmJXqf8AKHBGUL12kK2/KaMmLrnb9F
 1PijqaM9Gj9/VuH5LjWA2qbVxQz15xUcaYkn2GXbSo6qBuupmJKQJZhtziZVXW3kVpau
 YsokS2Wp1U72xlvmu3jMCbWOkDp4wnUNvKGsiEJJQSN6gnFazSg2MU8v2q5i1NCbuWtO
 IzCw==
X-Gm-Message-State: AOJu0YybEiqhzXpdpk79W/w/smip0XhWwnjf5+ZFP/TTV7riGxlGpaOx
 ytn09pZXy5NWrc8x3UZTvmJEl59bAOvdEstOzlI2pI9Q3SGx/KGPBvgUaXQaWq2+pvF6wA==
X-Gm-Gg: ASbGnctbh5wgtuitHLFKfd9TLMIoxlMdzGaZcnD2KBCmMYegvqZnWSqz9kwJpDGfk53
 FQu6KCJgEgzKqrqtbdp4KA5inuz8ts7zCBQ3JjMLHnpLFb0brXpFgsonopW6AKvy+usqEOGFq+/
 ITBXf+13lxKNHYBXQzeaJ5rhGQXZTaeJwEOHaZgCFTYoA34IYmGWFAtFoj9+4/APju37CGdNK9z
 cPeYVqMnzbbcBA5C/s3MlRRvXI+wM33MXTkngNyGsR5RRfm1oGLLtb8c66bRkKiwKeoCu8cQHUC
 9dblcrRtLXH3Zvo24Hf/sciKLaAFLfzbwVo/H1mJVNeDUYPhqg6fNY6f26dkMX3pAU4v3fIiXJI
 nvkfXiwy4xYBQqHZ/ELMS3FCeU17C5mgCDlHlgjIBVBxx9ekKnUgkYTXZ+SbJoERMer6HuQ==
X-Google-Smtp-Source: AGHT+IEYMIiNBAUF3GpieZtQ8LZyuc+VrHG6Maey0uGbjL5Mtxe230oS38otkh/ERV65FqmiysOMfQ==
X-Received: by 2002:a17:90a:d610:b0:314:2bae:97d7 with SMTP id
 98e67ed59e1d1-315f25ecc0cmr7799729a91.15.1750910858128; 
 Wed, 25 Jun 2025 21:07:38 -0700 (PDT)
Received: from localhost.localdomain (n058152022194.netvigator.com.
 [58.152.22.194]) by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-315f539e69fsm3325026a91.11.2025.06.25.21.07.36
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 25 Jun 2025 21:07:37 -0700 (PDT)
From: xjdeng <micro6947-at-gmail.com@ffmpeg.org>
To: ffmpeg-devel@ffmpeg.org
Date: Thu, 26 Jun 2025 12:07:07 +0800
Message-Id: <20250626040707.1295-1-micro6947@gmail.com>
X-Mailer: git-send-email 2.27.0.windows.1
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH] libavcodec/utils: Ensure allocated buffer is
 zero-initialized
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Cc: xjdeng <micro6947@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/20250626040707.1295-1-micro6947@gmail.com/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

In `av_fast_padded_mallocz`, the allocated buffer's zero-initialization is not guaranteed.
This is because it calls `av_fast_malloc`, which in turn calls `fast_malloc` with `zero_realloc=0`.
Consequently, the memory returned by the underlying `av_malloc` (used within `fast_malloc`)
is not guaranteed to be zero-initialized.

Furthermore, if `*size` is adjusted to be greater than `min_size + AV_INPUT_BUFFER_PADDING_SIZE`,
the subsequent `memset` operation will not cover the entire allocated buffer,
leaving a portion of it uninitialized.

To ensure the entire allocated buffer is properly zero-initialized, we should use `FFMAX`
to adjust the `memset` range.

Signed-off-by: xjdeng <micro6947@gmail.com>

---
 libavcodec/utils.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/utils.c b/libavcodec/utils.c
index f2686b6863..e2afce71ef 100644
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
@@ -72,8 +72,8 @@ void av_fast_padded_mallocz(void *ptr, unsigned int *size, size_t min_size)
         return;
     }
     av_fast_malloc(p, size, min_size + AV_INPUT_BUFFER_PADDING_SIZE);
-    if (*p)
-        memset(*p, 0, min_size + AV_INPUT_BUFFER_PADDING_SIZE);
+    if (*p) 
+        memset(*p, 0, FFMAX(*size, min_size + AV_INPUT_BUFFER_PADDING_SIZE));
 }
 
 int av_codec_is_encoder(const AVCodec *avcodec)
-- 
2.27.0.windows.1

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".