From 71fe97a60ad7dd6fe15238ca0eee1ed3121b5f80 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Mon, 6 Jan 2014 22:58:24 +0100
Subject: [PATCH] avformat/nutdec: check avio_read() return code

Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f2785ab8669_6838_mewmew_vorbis_ssa.nut
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavformat/nutdec.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c
index 2adc860f32..250e13fd9a 100644
--- a/libavformat/nutdec.c
+++ b/libavformat/nutdec.c
@@ -970,6 +970,7 @@ static int decode_frame(NUTContext *nut, AVPacket *pkt, int frame_code)
     int64_t pts, last_IP_pts;
     StreamContext *stc;
     uint8_t header_idx;
+    int ret;
 
     size = decode_frame_header(nut, &pts, &stream_id, &header_idx, frame_code);
     if (size < 0)
@@ -1006,7 +1007,12 @@ static int decode_frame(NUTContext *nut, AVPacket *pkt, int frame_code)
         pkt->size -= sm_size;
     }
 
-    avio_read(bc, pkt->data + nut->header_len[header_idx], size);
+    ret = avio_read(bc, pkt->data + nut->header_len[header_idx], size);
+    if (ret != size) {
+        if (ret < 0)
+            return ret;
+        av_shrink_packet(pkt, nut->header_len[header_idx] + size);
+    }
 
     pkt->stream_index = stream_id;
     if (stc->last_flags & FLAG_KEY)