mirror of
https://git.ffmpeg.org/ffmpeg.git
synced 2024-09-19 12:56:40 +00:00
avcodec/cbs_sei: Always zero-initialize SEI payload
Fixes: Use-of-uninitialized value Fixes: clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_METADATA_fuzzer-5458626041413632 Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
This commit is contained in:
parent
5dfc0cc841
commit
bfcee368e2
@ -41,7 +41,6 @@ int ff_cbs_sei_alloc_message_payload(SEIRawMessage *message,
|
|||||||
const SEIMessageTypeDescriptor *desc)
|
const SEIMessageTypeDescriptor *desc)
|
||||||
{
|
{
|
||||||
void (*free_func)(FFRefStructOpaque, void*);
|
void (*free_func)(FFRefStructOpaque, void*);
|
||||||
unsigned flags = 0;
|
|
||||||
|
|
||||||
av_assert0(message->payload == NULL &&
|
av_assert0(message->payload == NULL &&
|
||||||
message->payload_ref == NULL);
|
message->payload_ref == NULL);
|
||||||
@ -53,10 +52,9 @@ int ff_cbs_sei_alloc_message_payload(SEIRawMessage *message,
|
|||||||
free_func = &cbs_free_user_data_unregistered;
|
free_func = &cbs_free_user_data_unregistered;
|
||||||
else {
|
else {
|
||||||
free_func = NULL;
|
free_func = NULL;
|
||||||
flags = FF_REFSTRUCT_FLAG_NO_ZEROING;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
message->payload_ref = ff_refstruct_alloc_ext(desc->size, flags,
|
message->payload_ref = ff_refstruct_alloc_ext(desc->size, 0,
|
||||||
NULL, free_func);
|
NULL, free_func);
|
||||||
if (!message->payload_ref)
|
if (!message->payload_ref)
|
||||||
return AVERROR(ENOMEM);
|
return AVERROR(ENOMEM);
|
||||||
|
Loading…
Reference in New Issue
Block a user