checkMarker (ADM_tsPlugin.cpp) reads past the end of buffer

Started by ajschult, December 02, 2012, 04:49:03 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

ajschult

December 02, 2012, 04:49:03 AM
checkMarker reads past the end of buffer.  To hit this, I opened avidemux without any file and then file->open and selected a file.  valgrind complains:

Code Select

Conditional jump or move depends on uninitialised value(s)
   at 0x144E7815: checkMarker(unsigned char*, unsigned int, unsigned int) (ADM_tsPlugin.cpp:140)
   by 0x144E773E: detectTs(char const*) (ADM_tsPlugin.cpp:111)
   by 0x144E7467: probe (ADM_tsPlugin.cpp:40)
   by 0x6B5BF13: ADM_demuxerSpawn(unsigned int, char const*) (in /usr/lib64/libADM_coreDemuxer6.so)

Conditional jump or move depends on uninitialised value(s)
   at 0x144E783E: checkMarker(unsigned char*, unsigned int, unsigned int) (ADM_tsPlugin.cpp:146)
   by 0x144E773E: detectTs(char const*) (ADM_tsPlugin.cpp:111)
   by 0x144E7467: probe (ADM_tsPlugin.cpp:40)
   by 0x6B5BF13: ADM_demuxerSpawn(unsigned int, char const*) (in /usr/lib64/libADM_coreDemuxer6.so)


Code Select

- while(*buffer!=TS_MARKER && buffer<end)
+ while(buffer<end && *buffer!=TS_MARKER)


and

Code Select

- if(*buffer!=TS_MARKER) break;
+ if(buffer==end || *buffer!=TS_MARKER) break;

mean

#1
December 02, 2012, 08:20:50 AM
Merged, thanks
Print
Go Up Pages1
User actions