Mercurial > mplayer.hg

changeset 32620:231764e0b755

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Avoid using uninitialized data if index read does not return enough data.
author reimar
date Sun, 12 Dec 2010 14:31:17 +0000
parents 34c4e6ff7b17
children b6636da71bea
files libmpdemux/aviheader.c
diffstat 1 files changed, 3 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/libmpdemux/aviheader.c	Sun Dec 12 13:56:35 2010 +0000
+++ b/libmpdemux/aviheader.c	Sun Dec 12 14:31:17 2010 +0000
@@ -378,13 +378,15 @@
     if(demuxer->movi_end>stream_tell(demuxer->stream))
 	demuxer->movi_end=stream_tell(demuxer->stream); // fixup movi-end
     if(index_mode && !priv->isodml){
+      int read;
       int i;
       priv->idx_size=size2>>4;
       mp_msg(MSGT_HEADER,MSGL_V,MSGTR_MPDEMUX_AVIHDR_ReadingIndexBlockChunksForFrames,
         priv->idx_size,avih.dwTotalFrames, (int64_t)stream_tell(demuxer->stream));
       priv->idx=malloc(priv->idx_size<<4);
 //      printf("\nindex to %p !!!!! (priv=%p)\n",priv->idx,priv);
-      stream_read(demuxer->stream,(char*)priv->idx,priv->idx_size<<4);
+      read = stream_read(demuxer->stream,(char*)priv->idx,priv->idx_size<<4);
+      priv->idx_size = FFMAX(read, 0) >> 4;
       for (i = 0; i < priv->idx_size; i++) {	// swap index to machine endian
 	AVIINDEXENTRY *entry=(AVIINDEXENTRY*)priv->idx + i;
 	le2me_AVIINDEXENTRY(entry);