From fde74d1b9d338e2f9c9d7eac2023388d59c98543 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Thu, 19 Dec 2013 01:48:15 +0100
Subject: avformat/swfdec: check avio_read() return code

Fixes use of uninitialized memory
Fixes msan_uninit-mem_7f90d9cce964_9558_videopop_guitar_300k.swf
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavformat/swfdec.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'libavformat/swfdec.c')

diff --git a/libavformat/swfdec.c b/libavformat/swfdec.c
index e6ceec818a..c77e28f0c9 100644
--- a/libavformat/swfdec.c
+++ b/libavformat/swfdec.c
@@ -446,7 +446,10 @@ bitmap_end_skip:
                 goto skip;
             if ((res = av_new_packet(pkt, len)) < 0)
                 return res;
-            avio_read(pb, pkt->data, 4);
+            if (avio_read(pb, pkt->data, 4) != 4) {
+                av_free_packet(pkt);
+                return AVERROR_INVALIDDATA;
+            }
             if (AV_RB32(pkt->data) == 0xffd8ffd9 ||
                 AV_RB32(pkt->data) == 0xffd9ffd8) {
                 /* old SWF files containing SOI/EOI as data start */
-- 
cgit v1.2.3