Author Topic: uninitialized memory read when opening FLV  (Read 1813 times)

ajschult

uninitialized memory read when opening FLV
« on: November 28, 2012, 04:04:00 AM »
When opening http://rheneas.eng.buffalo.edu/~andrew/fatkid.flv with avidemux, valgrind sees an uninitialized memory read in flvHeader::open.  The while loop tries to check that 15 more bytes exist to be read but |pos| is the position of the file at the beginning of the previous iteration (before the previous tag was read).  The result is that |size| is uninitialized but seems to be 0 (probably depends on compiler, or on how forgiving fread is).

Code:
-  while(pos<fileSize-14)
+  while((pos=ftell(_fd)) <fileSize-14)
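Review bot: the result of ftell(_fd) in the new loop condition is used without an error check. ftell returns -1 on failure, and whether that value ends the loop or passes the `<fileSize-14` comparison depends on whether pos is signed, so a test for a negative result before the comparison would make the behaviour explicit. The subtraction fileSize-14 can also wrap if fileSize is an unsigned type and the file is shorter than 14 bytes; writing the condition as pos+15 <= fileSize avoids that.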

seems to fix it (and delete the |pos=ftell(_fd)| below)

Bogus headers could result in additional problems; if the file has only 15 bytes left and |type| is valid and |size>0|, then the code will attempt to continue reading the rest of the non-existent tag.  The code could check that pos+15+size <= fileSize.
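
The two bounds checks discussed in this post, as an added example that is not part of the original post or avidemux's code. It walks a memory buffer instead of a FILE*, and assumes the 15 fixed bytes per iteration are a 4-byte previous-tag size followed by an 11-byte tag header with a 24-bit big-endian body size at offset 1; `flv_walk_tags`, `be24` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FLV_FIXED 15u /* assumed: 4-byte previous-tag size + 11-byte tag header */

/* Constructed sample: two tags (3-byte and 2-byte bodies) plus a trailing size field. */
static const unsigned char sample[] = {
    0,0,0,0,    9, 0,0,3, 0,0,0,0, 0,0,0, 0xAA,0xBB,0xCC,
    0,0,0,0x0E, 8, 0,0,2, 0,0,0,0, 0,0,0, 0xDD,0xEE,
    0,0,0,0x0D
};

/* Hypothetical helper: 24-bit big-endian read. */
static uint32_t be24(const unsigned char *p)
{
    return ((uint32_t)p[0] << 16) | ((uint32_t)p[1] << 8) | p[2];
}

/* Returns the number of complete tags in buf[pos..fileSize), or -1 when a
 * header claims a body that extends past the end of the file. */
static int flv_walk_tags(const unsigned char *buf, size_t fileSize, size_t pos)
{
    int tags = 0;
    /* pos is the current position on every iteration, and the comparison is
     * written so that it cannot wrap when fileSize is smaller than 15. */
    while (pos <= fileSize && fileSize - pos >= FLV_FIXED) {
        uint32_t size = be24(buf + pos + 4 + 1); /* skip prev size and type */
        /* the post's suggested check: pos + 15 + size <= fileSize */
        if (size > fileSize - pos - FLV_FIXED)
            return -1;
        pos += FLV_FIXED + size; /* advance past header and body */
        tags++;
    }
    return tags;
}

int main(void)
{
    printf("full file: %d tags\n", flv_walk_tags(sample, sizeof sample, 0));
    printf("cut to 15 bytes: %d\n", flv_walk_tags(sample, 15, 0));
    return 0;
}
```

The second call in `main` is the case from the post: exactly 15 bytes remain, the header is readable, and the declared size is greater than 0.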

mean

Re: uninitialized memory read when opening FLV
« Reply #1 on: November 28, 2012, 06:24:27 PM »
Will check that when I'm back home.