Avoid uninitialized data in lcldec when ofs is 0 in MSZH.

Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>

Avoid uninitialized data in lcldec when ofs is 0 in MSZH.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
42a1f1d7 · Reimar Döffinger · 4962edf8 · 42a1f1d7 · 42a1f1d7
Commit 42a1f1d7 authored Dec 30, 2011 by Reimar Döffinger
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 4 deletions

lcldec.c libavcodec/lcldec.c +7 -1

lzo.h libavutil/lzo.h +0 -3

No files found.
--- a/libavcodec/lcldec.c
+++ b/libavcodec/lcldec.c
@@ -96,7 +96,13 @@ static unsigned int mszh_decomp(const unsigned char * srcptr, int srclen, unsign
            ofs = FFMIN(ofs, destptr - destptr_bak);
            cnt *= 4;
            cnt = FFMIN(cnt, destptr_end - destptr);
-            av_memcpy_backptr(destptr, ofs, cnt);
+            if (ofs) {
+                av_memcpy_backptr(destptr, ofs, cnt);
+            } else {
+                // Not known what the correct behaviour is, but
+                // this at least avoids uninitialized data.
+                memset(destptr, 0, cnt);
+            }
            destptr += cnt;
        }
        maskbit >>= 1;

--- a/libavutil/lzo.h
+++ b/libavutil/lzo.h
@@ -67,9 +67,6 @@ int av_lzo1x_decode(void *out, int *outlen, const void *in, int *inlen);
 *
 * cnt > back is valid, this will copy the bytes we just copied,
 * thus creating a repeating pattern with a period length of back.
- * Note that lcldec currently can set back == 0 - which is wrong and
- * makes no sense, but the code should at least avoid crashing or hanging
- * for this case.
 */
 void av_memcpy_backptr(uint8_t *dst, int back, int cnt);