[FFmpeg-devel] lavc/frame_thread_encoder: Do not memcpy() from NULL

Submitted by Carl Eugen Hoyos on June 30, 2019, 10:51 p.m.

Details

Message ID CAB0OVGpUKagQWRt4WyPg=6+sd4Uf2FeSgLgu3q-JDFZndM0pLg@mail.gmail.com
State Superseded
Headers show

Commit Message

Carl Eugen Hoyos June 30, 2019, 10:51 p.m.
Hi!

I believe attached patch fixes undefined behaviour and ticket #7981.

Please comment, Carl Eugen

Comments

Reimar Döffinger July 2, 2019, 6:31 a.m.
On 01.07.2019, at 00:51, Carl Eugen Hoyos <ceffmpeg@gmail.com> wrote:

> Hi!
> 
> I believe attached patch fixes undefined behaviour and ticket #7981.

Same here, I think it makes more sense to check the "size" instead of the pointer.
But I also suspect we might want to think of a way to not need all these explicit checks all over.

Patch hide | download patch | download mbox

From d72fe544d6d7cdf816a75df858b17f1744049d97 Mon Sep 17 00:00:00 2001
From: Carl Eugen Hoyos <ceffmpeg@gmail.com>
Date: Mon, 1 Jul 2019 00:49:44 +0200
Subject: [PATCH] lavc/frame_thread_encoder: Do not memcpy() from NULL.

Fixes ticket #7981.
---
 libavcodec/frame_thread_encoder.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavcodec/frame_thread_encoder.c b/libavcodec/frame_thread_encoder.c
index 55756c4c54..bb2a5ed222 100644
--- a/libavcodec/frame_thread_encoder.c
+++ b/libavcodec/frame_thread_encoder.c
@@ -209,8 +209,9 @@  int ff_frame_thread_encoder_init(AVCodecContext *avctx, AVDictionary *options){
             int ret = av_opt_copy(thread_avctx->priv_data, avctx->priv_data);
             if (ret < 0)
                 goto fail;
-        } else
+        } else if (avctx->priv_data) {
             memcpy(thread_avctx->priv_data, avctx->priv_data, avctx->codec->priv_data_size);
+        }
         thread_avctx->thread_count = 1;
         thread_avctx->active_thread_type &= ~FF_THREAD_FRAME;
 
-- 
2.22.0