Use of uninitialized variable in modules/mux/ogg.c
Working off git, revision c432a4e1 :
Note: This bug was found with Clang.
In modules/mux/ogg.c:961-1039
961: ogg_packet op;
// ...
979: if( p_stream->i_cat == AUDIO_ES ) // Taking false branch
980: {
// ...
996: }
997: else if( p_stream->i_cat == VIDEO_ES )// Taking true branch
998: {
999: if( p_stream->i_fourcc == VLC_CODEC_THEORA )// Taking false branch
1000: {
// ...
1010: }
1011: else if( p_stream->i_fourcc == VLC_CODEC_DIRAC ) // Taking false branch
1012: {
// ...
1026: }
1027: else if( p_stream->p_oggds_header ) // Taking false branch
// ...
1030:}
// ...
1039:p_stream->u_last_granulepos = op.granulepos;
It is possible to traverse this entire sequence of if/else statements without ever setting op.granulepos. This causes an uninitialized value to be stored into p_stream->u_last_granulepos (which is really p_input->p_sys).
Activity
assigned to @fcartegnie
commit 7202a56a Author: Francois Cartegnie fcvlcdev@free.fr Date: Sat Sep 28 02:00:11 2013 +0200
muxers: ogg: set invalid granulepos value (fix [#8725](https://code.videolan.org/videolan/vlc/-/issues/8725))added Status::fixed label
changed milestone to %2.2 Features
Please register or sign in to reply