Message ID | 20210227222810.1462-2-michael@niedermayer.cc |
---|---|
State | Accepted |
Commit | 1c88098651469bf749eedd51f3227ec7edb4c2de |
Headers | show |
Series | [FFmpeg-devel,1/2] avformat/mvi: Check audio size for more overflows | expand |
Context | Check | Description |
---|---|---|
andriy/x86_make | success | Make finished |
andriy/x86_make_fate | success | Make fate finished |
andriy/PPC64_make | success | Make finished |
andriy/PPC64_make_fate | success | Make fate finished |
diff --git a/libavformat/samidec.c b/libavformat/samidec.c index cf5076c7b8..d84f56ce6f 100644 --- a/libavformat/samidec.c +++ b/libavformat/samidec.c @@ -89,6 +89,7 @@ static int sami_read_header(AVFormatContext *s) sub = ff_subtitles_queue_insert(&sami->q, buf.str, buf.len, !is_sync); if (!sub) { res = AVERROR(ENOMEM); + av_bprint_finalize(&hdr_buf, NULL); goto end; } if (is_sync) { @@ -97,6 +98,7 @@ static int sami_read_header(AVFormatContext *s) sub->pts = p ? strtol(p, NULL, 10) : 0; if (sub->pts <= INT64_MIN/2 || sub->pts >= INT64_MAX/2) { res = AVERROR_PATCHWELCOME; + av_bprint_finalize(&hdr_buf, NULL); goto end; }
Fixes: memleak Fixes: 30841/clusterfuzz-testcase-minimized-ffmpeg_dem_SAMI_fuzzer-4521799196999680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavformat/samidec.c | 2 ++ 1 file changed, 2 insertions(+)