[FFmpeg-devel,2/4] avformat/tiertexseq: Cleanup on error

Message ID	20190608092801.3965-2-michael@niedermayer.cc
State	Accepted
Commit	8e3e63e9ac1899968434c1d7d43ef439525367fd
Headers	show Return-Path: <ffmpeg-devel-bounces@ffmpeg.org> From: Michael Niedermayer <michael@niedermayer.cc> To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org> Date: Sat, 8 Jun 2019 11:27:59 +0200 Message-Id: <20190608092801.3965-2-michael@niedermayer.cc> In-Reply-To: <20190608092801.3965-1-michael@niedermayer.cc> References: <20190608092801.3965-1-michael@niedermayer.cc> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 2/4] avformat/tiertexseq: Cleanup on error Precedence: list Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

Message ID

20190608092801.3965-2-michael@niedermayer.cc

State

Accepted

Commit

8e3e63e9ac1899968434c1d7d43ef439525367fd

Headers

From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Date: Sat,  8 Jun 2019 11:27:59 +0200
Message-Id: <20190608092801.3965-2-michael@niedermayer.cc>
In-Reply-To: <20190608092801.3965-1-michael@niedermayer.cc>
References: <20190608092801.3965-1-michael@niedermayer.cc>
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH 2/4] avformat/tiertexseq: Cleanup on error
Precedence: list
Reply-To: FFmpeg development discussions and patches
	<ffmpeg-devel@ffmpeg.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

Commit Message

Michael Niedermayer June 8, 2019, 9:27 a.m. UTC

Fixes: memleak
Fixes: 15122/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5685964636160000

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/tiertexseq.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/libavformat/tiertexseq.c b/libavformat/tiertexseq.c
index a35e08ef50..a89a0a9d61 100644
--- a/libavformat/tiertexseq.c
+++ b/libavformat/tiertexseq.c
@@ -202,16 +202,20 @@  static int seq_read_header(AVFormatContext *s)
 
     /* init internal buffers */
     rc = seq_init_frame_buffers(seq, pb);
-    if (rc)
+    if (rc) {
+        seq_read_close(s);
         return rc;
+    }
 
     seq->current_frame_offs = 0;
 
     /* preload (no audio data, just buffer operations related data) */
     for (i = 1; i <= 100; i++) {
         rc = seq_parse_frame_data(seq, pb);
-        if (rc)
+        if (rc) {
+            seq_read_close(s);
             return rc;
+        }
     }
 
     seq->current_frame_pts = 0;
@@ -220,8 +224,10 @@  static int seq_read_header(AVFormatContext *s)
 
     /* initialize the video decoder stream */
     st = avformat_new_stream(s, NULL);
-    if (!st)
+    if (!st) {
+        seq_read_close(s);
         return AVERROR(ENOMEM);
+    }
 
     avpriv_set_pts_info(st, 32, 1, SEQ_FRAME_RATE);
     seq->video_stream_index = st->index;
@@ -233,8 +239,10 @@  static int seq_read_header(AVFormatContext *s)
 
     /* initialize the audio decoder stream */
     st = avformat_new_stream(s, NULL);
-    if (!st)
+    if (!st) {
+        seq_read_close(s);
         return AVERROR(ENOMEM);
+    }
 
     st->start_time = 0;
     avpriv_set_pts_info(st, 32, 1, SEQ_SAMPLE_RATE);

[FFmpeg-devel,2/4] avformat/tiertexseq: Cleanup on error

Commit Message

Patch