This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch release/5.1 in repository ffmpeg.
commit 08070d1e5311147c79a661f8ee7aca89204f962a Author: Timo Rothenpieler <[email protected]> AuthorDate: Sat Jan 3 19:55:56 2026 +0100 Commit: Michael Niedermayer <[email protected]> CommitDate: Tue May 5 15:20:57 2026 +0200 avcodec/notchlc: zero-initialize history buffer Otherwise a specially crafted bitstream can potentially read uninitialized stack memory. Fixes #YWH-PGM40646-37 (cherry picked from commit b5d6cfd55b3f61a27823899c4b26997ca5216024) Signed-off-by: Michael Niedermayer <[email protected]> --- libavcodec/notchlc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/notchlc.c b/libavcodec/notchlc.c index ec33de731e..fbf602316b 100644 --- a/libavcodec/notchlc.c +++ b/libavcodec/notchlc.c @@ -79,7 +79,7 @@ static int lz4_decompress(AVCodecContext *avctx, PutByteContext *pb) { unsigned reference_pos, match_length, delta, pos = 0; - uint8_t history[64 * 1024]; + uint8_t history[64 * 1024] = { 0 }; while (bytestream2_get_bytes_left(gb) > 0) { uint8_t token = bytestream2_get_byte(gb); _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
