avformat/mov: make sure file_checksum is fully initialized

Fixes: use of uninitialized memory Fixes: 394990189/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6431722199908352 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 8b16e1ddd9) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2026-01-12 00:06:51 +08:00 · 2025-07-23 13:16:33 +02:00
parent cb57b6ee15
commit 6fb79cf3ed
1 changed files with 3 additions and 1 deletions
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -1271,7 +1271,9 @@ static int mov_read_adrm(MOVContext *c, AVIOContext *pb, MOVAtom atom)
    avio_read(pb, output, 8); // go to offset 8, absolute position 0x251
    avio_read(pb, input, DRM_BLOB_SIZE);
    avio_read(pb, output, 4); // go to offset 4, absolute position 0x28d
-    avio_read(pb, file_checksum, 20);
+    ret = ffio_read_size(pb, file_checksum, 20);
+    if (ret < 0)
+        goto fail;

    // required by external tools
    ff_data_to_hex(checksum_string, file_checksum, sizeof(file_checksum), 1);