This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch release/5.1 in repository ffmpeg.
commit a3264dee79355beeb13683cfc04b9f13819b2b1c Author: Michael Niedermayer <[email protected]> AuthorDate: Mon Jan 19 22:33:00 2026 +0100 Commit: Michael Niedermayer <[email protected]> CommitDate: Tue May 5 15:21:00 2026 +0200 avcodec/dca_xll: Clear padding in ff_dca_xll_parse() Fixes: Use of uninitialized memory Fixes: 472020020/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DCA_DEC_fuzzer-6433045331902464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]> (cherry picked from commit af86f0ffcc0c7d1e7f36a3d9f602c196008d0e60) Signed-off-by: Michael Niedermayer <[email protected]> --- libavcodec/dca_xll.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/dca_xll.c b/libavcodec/dca_xll.c index 5e94aebb35..dfb15ec8c2 100644 --- a/libavcodec/dca_xll.c +++ b/libavcodec/dca_xll.c @@ -1084,6 +1084,7 @@ static int copy_to_pbr(DCAXllDecoder *s, const uint8_t *data, int size, int dela return AVERROR(ENOMEM); memcpy(s->pbr_buffer, data, size); + memset(s->pbr_buffer + size, 0, AV_INPUT_BUFFER_PADDING_SIZE); s->pbr_length = size; s->pbr_delay = delay; return 0; @@ -1138,6 +1139,7 @@ static int parse_frame_pbr(DCAXllDecoder *s, const uint8_t *data, int size, DCAE memcpy(s->pbr_buffer + s->pbr_length, data, size); s->pbr_length += size; + memset(s->pbr_buffer + s->pbr_length, 0, AV_INPUT_BUFFER_PADDING_SIZE); // Respect decoding delay after synchronization error if (s->pbr_delay > 0 && --s->pbr_delay) _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
