Print Page - checkMarker (ADM_tsPlugin.cpp) reads past the end of buffer

Title: checkMarker (ADM_tsPlugin.cpp) reads past the end of buffer
Post by: ajschult on December 02, 2012, 04:49:03 AM

checkMarker reads past the end of buffer. To hit this, I opened avidemux without any file and then file->open and selected a file. valgrind complains:

Code Select


Conditional jump or move depends on uninitialised value(s)
   at 0x144E7815: checkMarker(unsigned char*, unsigned int, unsigned int) (ADM_tsPlugin.cpp:140)
   by 0x144E773E: detectTs(char const*) (ADM_tsPlugin.cpp:111)
   by 0x144E7467: probe (ADM_tsPlugin.cpp:40)
   by 0x6B5BF13: ADM_demuxerSpawn(unsigned int, char const*) (in /usr/lib64/libADM_coreDemuxer6.so)

Conditional jump or move depends on uninitialised value(s)
   at 0x144E783E: checkMarker(unsigned char*, unsigned int, unsigned int) (ADM_tsPlugin.cpp:146)
   by 0x144E773E: detectTs(char const*) (ADM_tsPlugin.cpp:111)
   by 0x144E7467: probe (ADM_tsPlugin.cpp:40)
   by 0x6B5BF13: ADM_demuxerSpawn(unsigned int, char const*) (in /usr/lib64/libADM_coreDemuxer6.so)

Code Select


- while(*buffer!=TS_MARKER && buffer<end)
+ while(buffer<end && *buffer!=TS_MARKER)

and

Code Select


- if(*buffer!=TS_MARKER) break;
+ if(buffer==end || *buffer!=TS_MARKER) break;

Title: Re: checkMarker (ADM_tsPlugin.cpp) reads past the end of buffer
Post by: mean on December 02, 2012, 08:20:50 AM

Merged, thanks

Avidemux Forum

Avidemux => Main version 2.6 => Topic started by: ajschult on December 02, 2012, 04:49:03 AM