diff mbox

[FFmpeg-devel] avcodec/bsf: check that AVBSFInternal was allocated before dereferencing it

Message ID 20190923025808.1739-1-jamrial@gmail.com
State Accepted
Commit d889ae33962e4ad2b24175418fe89d72ce712179
Headers show

Commit Message

James Almer Sept. 23, 2019, 2:58 a.m. UTC 
This can happen when av_bsf_free() is called on av_bsf_alloc() failure.

Signed-off-by: James Almer <jamrial@gmail.com>
---
 libavcodec/bsf.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Paul B Mahol Sept. 23, 2019, 8:16 a.m. UTC | #1 
lgtm

On 9/23/19, James Almer <jamrial@gmail.com> wrote:
> This can happen when av_bsf_free() is called on av_bsf_alloc() failure.
>
> Signed-off-by: James Almer <jamrial@gmail.com>
> ---
>  libavcodec/bsf.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/libavcodec/bsf.c b/libavcodec/bsf.c
> index 71915dea85..c1653cddb0 100644
> --- a/libavcodec/bsf.c
> +++ b/libavcodec/bsf.c
> @@ -47,7 +47,8 @@ void av_bsf_free(AVBSFContext **pctx)
>
>      av_opt_free(ctx);
>
> -    av_packet_free(&ctx->internal->buffer_pkt);
> +    if (ctx->internal)
> +        av_packet_free(&ctx->internal->buffer_pkt);
>      av_freep(&ctx->internal);
>      av_freep(&ctx->priv_data);
>
> --
> 2.22.0
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
James Almer Sept. 23, 2019, 11:52 p.m. UTC | #2 
On 9/23/2019 5:16 AM, Paul B Mahol wrote:
> lgtm
> 
> On 9/23/19, James Almer <jamrial@gmail.com> wrote:
>> This can happen when av_bsf_free() is called on av_bsf_alloc() failure.
>>
>> Signed-off-by: James Almer <jamrial@gmail.com>
>> ---
>>  libavcodec/bsf.c | 3 ++-
>>  1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/libavcodec/bsf.c b/libavcodec/bsf.c
>> index 71915dea85..c1653cddb0 100644
>> --- a/libavcodec/bsf.c
>> +++ b/libavcodec/bsf.c
>> @@ -47,7 +47,8 @@ void av_bsf_free(AVBSFContext **pctx)
>>
>>      av_opt_free(ctx);
>>
>> -    av_packet_free(&ctx->internal->buffer_pkt);
>> +    if (ctx->internal)
>> +        av_packet_free(&ctx->internal->buffer_pkt);
>>      av_freep(&ctx->internal);
>>      av_freep(&ctx->priv_data);

Pushed, thanks.
diff mbox

Patch

diff --git a/libavcodec/bsf.c b/libavcodec/bsf.c
index 71915dea85..c1653cddb0 100644
--- a/libavcodec/bsf.c
+++ b/libavcodec/bsf.c
@@ -47,7 +47,8 @@  void av_bsf_free(AVBSFContext **pctx)
 
     av_opt_free(ctx);
 
-    av_packet_free(&ctx->internal->buffer_pkt);
+    if (ctx->internal)
+        av_packet_free(&ctx->internal->buffer_pkt);
     av_freep(&ctx->internal);
     av_freep(&ctx->priv_data);