[FFmpeg-devel,1/2] avcodec/mjpegdec: Fix stereo3d memleak

Message ID	20190218000756.29768-1-michael@niedermayer.cc
State	Accepted
Commit	32d022d26db44cf153ab953360bc995976cc695b
Headers	show Return-Path: <ffmpeg-devel-bounces@ffmpeg.org> From: Michael Niedermayer <michael@niedermayer.cc> To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org> Date: Mon, 18 Feb 2019 01:07:55 +0100 Message-Id: <20190218000756.29768-1-michael@niedermayer.cc> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 1/2] avcodec/mjpegdec: Fix stereo3d memleak Precedence: list Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

Message ID

20190218000756.29768-1-michael@niedermayer.cc

State

Accepted

Commit

32d022d26db44cf153ab953360bc995976cc695b

Headers

From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Date: Mon, 18 Feb 2019 01:07:55 +0100
Message-Id: <20190218000756.29768-1-michael@niedermayer.cc>
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH 1/2] avcodec/mjpegdec: Fix stereo3d memleak
Precedence: list
Reply-To: FFmpeg development discussions and patches
	<ffmpeg-devel@ffmpeg.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

Commit Message

Michael Niedermayer Feb. 18, 2019, 12:07 a.m. UTC

Fixes: 12937/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-5714945346371584

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/mjpegdec.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Michael Niedermayer Feb. 25, 2019, 4:15 p.m. UTC | #1

On Mon, Feb 18, 2019 at 01:07:55AM +0100, Michael Niedermayer wrote:
> Fixes: 12937/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-5714945346371584
> 
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavcodec/mjpegdec.c | 1 +
>  1 file changed, 1 insertion(+)

will apply

[...]

diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
index 902b8eb7cb..e82c185433 100644
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@@ -1903,6 +1903,7 @@  static int mjpeg_decode_app(MJpegDecodeContext *s)
         type   = get_bits(&s->gb, 8);
         len -= 4;
 
+        av_freep(&s->stereo3d);
         s->stereo3d = av_stereo3d_alloc();
         if (!s->stereo3d) {
             goto out;

[FFmpeg-devel,1/2] avcodec/mjpegdec: Fix stereo3d memleak

Commit Message

Comments

Patch