From patchwork Wed Oct  9 07:35:25 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Liu Steven <lq@chinaffmpeg.org>
X-Patchwork-Id: 15594
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
X-Original-To: patchwork@ffaux-bg.ffmpeg.org
Delivered-To: patchwork@ffaux-bg.ffmpeg.org
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by ffaux.localdomain (Postfix) with ESMTP id 6B016447223
	for <patchwork@ffaux-bg.ffmpeg.org>;
	Wed,  9 Oct 2019 10:36:56 +0300 (EEST)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 588F46881A8;
	Wed,  9 Oct 2019 10:36:56 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from smtpbgeu1.qq.com (smtpbgeu1.qq.com [52.59.177.22])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 8F28F688198
	for <ffmpeg-devel@ffmpeg.org>; Wed,  9 Oct 2019 10:36:54 +0300 (EEST)
X-QQ-mid: bizesmtp17t1570606544tcw8c3s5
Received: from localhost (unknown [47.90.47.25]) by esmtp6.qq.com (ESMTP)
	with id ; Wed, 09 Oct 2019 15:35:43 +0800 (CST)
X-QQ-SSF: 01100000002000K0ZRF1000A0000000
X-QQ-FEAT: ixp0/hCyEGL9Iyem8SmFwZHPAvZ2ZMooz2VNOTY2kKHqlv8ctienhx3ydRQHj
	ZKbQQOQ9CF9aCVTrc8G4vE4sp1wLzOk44etR46wBbo6syE2jonPJwq9QbbS+YeIdtZFLGjv
	F9PXaJOdgvZ/Mrrkj9+3XHZWrgpcKagotDVLnazZGO0QR34PgN2KHFKvIal9qVDgrktsA8l
	0PKDezNnZo5kECUVkxxxgHA0e6PHItJdmwwsV8hjBGiv0Z80U3DIuz/wxIHj0xzDSZMsjZg
	bInPy9ggUaFY7VPqNBZLbc/7B5zNChFlLzh4TJre6tgooZlwjrp4HSVEuvVxu+ZVLCbw==
X-QQ-GoodBg: 0
From: Steven Liu <lq@chinaffmpeg.org>
To: ffmpeg-devel@ffmpeg.org
Date: Wed,  9 Oct 2019 15:35:25 +0800
Message-Id: <20191009073530.4505-6-lq@chinaffmpeg.org>
X-Mailer: git-send-email 2.10.1.382.ga23ca1b.dirty
In-Reply-To: <20191009073530.4505-1-lq@chinaffmpeg.org>
References: <20191009073530.4505-1-lq@chinaffmpeg.org>
X-QQ-SENDSIZE: 520
Feedback-ID: bizesmtp:chinaffmpeg.org:qybgforeign:qybgforeign1
X-QQ-Bgrelay: 1
Subject: [FFmpeg-devel] [PATCH v1 06/11] avformat/mpc8: fix memleak when
	seek table too big
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <http://ffmpeg.org/mailman/options/ffmpeg-devel>,
	<mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <http://ffmpeg.org/pipermail/ffmpeg-devel/>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <http://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
	<mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches
	<ffmpeg-devel@ffmpeg.org>
Cc: Steven Liu <lq@chinaffmpeg.org>
MIME-Version: 1.0
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
---
 libavformat/mpc8.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libavformat/mpc8.c b/libavformat/mpc8.c
index 0eb879ffc0..e452cd6878 100644
--- a/libavformat/mpc8.c
+++ b/libavformat/mpc8.c
@@ -168,6 +168,7 @@ static void mpc8_parse_seektable(AVFormatContext *s, int64_t off)
     size = gb_get_v(&gb);
     if(size > UINT_MAX/4 || size > c->samples/1152){
         av_log(s, AV_LOG_ERROR, "Seek table is too big\n");
+        av_free(buf);
         return;
     }
     seekd = get_bits(&gb, 4);