[MPlayer-dev-eng] [PATCH] Fix uninitialized memory read in vd_ffmpeg.c
Reimar Döffinger
Reimar.Doeffinger at gmx.de
Thu Mar 10 20:55:05 CET 2011
On Thu, Mar 10, 2011 at 02:25:12AM +0200, Ivan Kalvachev wrote:
> On 3/9/11, Tobias Diedrich <ranma at tdiedrich.de> wrote:
> > Reimar Döffinger wrote:
> >> Required padding is 32 bytes, so this will not use uninitialized data
> >> (unless len is 0 and data NULL I guess - seems like that has never
> >> happened
> >> so far though).
> >> Since in addition this change means you can no longer debug packages
> >> shorter
> >> than 16 bytes I'm rather against it.
> >
> > How about this?
> >
> > Index: mplayer-svn-vanilla/libmpcodecs/vd_ffmpeg.c
> > ===================================================================
> > --- mplayer-svn-vanilla.orig/libmpcodecs/vd_ffmpeg.c 2011-02-10
> > 21:44:56.791660244 +0100
> > +++ mplayer-svn-vanilla/libmpcodecs/vd_ffmpeg.c 2011-03-09
> > 22:25:17.415539937 +0100
> > @@ -828,8 +828,14 @@
> >
> > avctx->hurry_up=(flags&3)?((flags&2)?2:1):0;
> >
> > - mp_msg(MSGT_DECVIDEO, MSGL_DBG2, "vd_ffmpeg data: %04x, %04x, %04x,
> > %04x\n",
> > - ((int *)data)[0], ((int *)data)[1], ((int *)data)[2], ((int
> > *)data)[3]);
> > + if (mp_msg_test(MSGT_DECVIDEO, MSGL_DBG2)) {
> > + int buf[4] = { 0, 0, 0, 0 };
> > + memcpy(buf, data, len > sizeof(buf) ? sizeof(buf) : len);
> > + mp_msg(MSGT_DECVIDEO, MSGL_DBG2,
> > + "vd_ffmpeg data: %04x, %04x, %04x, %04x\n",
> > + buf[0], buf[1], buf[2], buf[3]);
> > + }
> > +
> > av_init_packet(&pkt);
> > pkt.data = data;
> > pkt.size = len;
Well, I said that this should not use uninitialized data anyway,
so the question still remains: why?
> Is there some reason to output it as 32bit numbers?
> If I understand correctly it holds bitstream data.
> It would be much simpler if it is output as bytes.
Depends on the exact bitstream format, but it really
doesn't make much of a difference.
It's less code to use it as 32 bit values.
More information about the MPlayer-dev-eng
mailing list