Remove memset from VideoFrame and mark buffer as unpoisoned

media/filters/ffmpeg_video_decoder.cc

Index: media/filters/ffmpeg_video_decoder.cc
diff --git a/media/filters/ffmpeg_video_decoder.cc b/media/filters/ffmpeg_video_decoder.cc
index fdf8dc5841a8085c4831026dd693b6fe3e994acf..a8b0f6f1275eacee57b91a73e4f60b39bde200a4 100644
--- a/media/filters/ffmpeg_video_decoder.cc
+++ b/media/filters/ffmpeg_video_decoder.cc
@@ -125,14 +125,17 @@ int FFmpegVideoDecoder::GetVideoBuffer(struct AVCodecContext* codec_context,
     return AVERROR(EINVAL);
   }
 
+  // FFmpeg expects the initialize allocation to be zero-initialized.  Failure
+  // to do so can lead to unitialized value usage.  See http://crbug.com/390941

[miu, 2015/07/09 23:31:34]

Instead of ever initializing the memory, why not just mark the region as
"unpoisoned" so tools like MSAN won't complain?

See:
https://code.google.com/p/chromium/codesearch#chromium/src/base/compiler_spec...

[DaleCurtis, 2015/07/09 23:34:43]

If we're okay with potentially large allocations being readable via canvas,
that's fine with me. Hopefully wfh@ has some commentary :) If we don't zero
initialize nacl allocations today, it's a moot point.

   scoped_refptr<VideoFrame> video_frame = frame_pool_.CreateFrame(
-      format, coded_size, gfx::Rect(size), natural_size, kNoTimestamp());
+      format, coded_size, gfx::Rect(size), natural_size, kNoTimestamp(), true);
+
   if (codec_context->colorspace == AVCOL_SPC_BT709) {
     video_frame->metadata()->SetInteger(VideoFrameMetadata::COLOR_SPACE,
                                         VideoFrame::COLOR_SPACE_HD_REC709);
   }
 
-  for (int i = 0; i < 3; i++) {
+  for (size_t i = 0; i < VideoFrame::NumPlanes(video_frame->format()); i++) {
     frame->data[i] = video_frame->data(i);
     frame->linesize[i] = video_frame->stride(i);
   }