From patchwork Wed Mar 10 01:06:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 26294 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id A04A744ACEC for ; Wed, 10 Mar 2021 03:13:04 +0200 (EET) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 869FC68A880; Wed, 10 Mar 2021 03:13:04 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-ed1-f53.google.com (mail-ed1-f53.google.com [209.85.208.53]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id D105D68A67E for ; Wed, 10 Mar 2021 03:12:58 +0200 (EET) Received: by mail-ed1-f53.google.com with SMTP id b13so24595085edx.1 for ; Tue, 09 Mar 2021 17:12:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references:reply-to :mime-version:content-transfer-encoding; bh=3Xds82XBid8NfNcR6pxWY8maCIw2eIjioyGR4CCqFjs=; b=QsSycvCvvQAZ9jqgqWTfNS1QmwkYPIs8A/rTYl/SfJ027UInHI+ZBz/NLwcVnAWNWe ck8+2Gj1hT5WzymQwa1s8MSsNh2pt9If90xbqEyT8VmjCZgAHjLjrK8mp+P0mVzgkVpe lqMOAzDaUEC2Tp1ry4f1t1Og7k3WB+tE8hfOATWrDfBjl0I/7PHcxajjbUwd9zBTZzmK LyMFsnb3zxXvgoBmxI+vzKQ51tZ+R18K14feyFRfplRiQz94olg5609gnBXw4pREYccl 4cgeLOXYqPnaM8KAzj05XbMjAwvegSPJ3DmfGQC+DA8VGtwgK3JnJsHJ7qLnOItFMqbN E3dw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:reply-to:mime-version:content-transfer-encoding; bh=3Xds82XBid8NfNcR6pxWY8maCIw2eIjioyGR4CCqFjs=; b=h39C9Fri96dZMywuxEpb42Xd/fhTer3yZ5TH3A1qzMrWXohF/ELa0PmtxkkgEzf58o TMFDLbwWZ6VLOvjSKSgTEA6j/lnzrt+00UBz5rATmKitQ7jkNEqveh269Ei2no1efLrN RMrogG+94Aav41xYbc9/XZ5h+hRNNlAvCTL7fY+8YVs70vNv86xG9/Xbb12RrRZKU5DL z3A9onPFeLXsyyMl7UlozZ8OcJ4c2fKGPzlyai1JONd5oItTV+tVapOht9VaxhgNl5nz iXrNfImIUzFemwr076lHjs+A5+b9WnfpUHahs5zSeKW9OsIbwrj2/DiQordDi5iJxQRu Zs9Q== X-Gm-Message-State: AOAM532FmHoK9hUPCcBZu74UfKA728AqnCReP1zn7BeMnOE5vpOindYt nDoAMw2MpZHwbXC/GaRai1vI2aBfrBs= X-Google-Smtp-Source: ABdhPJzv/R7pvTRkNDOUmFopVVlc2Eq0xcE4ttTvVoXRbdqcV4Vab0RSR6OmFE/3ZrMtDaVIORSPxQ== X-Received: by 2002:a17:906:7384:: with SMTP id f4mr853058ejl.196.1615338397196; Tue, 09 Mar 2021 17:06:37 -0800 (PST) Received: from sblaptop.fritz.box (ipbcc1aa4b.dynamic.kabel-deutschland.de. [188.193.170.75]) by smtp.gmail.com with ESMTPSA id r13sm9960737edy.3.2021.03.09.17.06.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Mar 2021 17:06:36 -0800 (PST) From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Wed, 10 Mar 2021 02:06:00 +0100 Message-Id: <20210310010601.1142819-7-andreas.rheinhardt@gmail.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210310010601.1142819-1-andreas.rheinhardt@gmail.com> References: <20210310010601.1142819-1-andreas.rheinhardt@gmail.com> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 7/8] avcodec/cbs_sei: Fix leak of AVBufferRef on error X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" An AVBufferRef (and the corresponding AVBuffer and the underlying actual buffer) would leak in ff_cbs_sei_add_message() on error in case an error happened after its creation and before it has been attached to more permanent storage. Fix this by only creating the AVBufferRef immediately before attaching it to its intended target position. (Given that no SEI message currently created is refcounted, the above can't happen at the moment. But Coverity already nevertheless noticed: This commit fixes Coverity issue #1473521.) Signed-off-by: Andreas Rheinhardt --- libavcodec/cbs_sei.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/libavcodec/cbs_sei.c b/libavcodec/cbs_sei.c index 2a96db9674..141e97ec58 100644 --- a/libavcodec/cbs_sei.c +++ b/libavcodec/cbs_sei.c @@ -262,14 +262,6 @@ int ff_cbs_sei_add_message(CodedBitstreamContext *ctx, if (!desc) return AVERROR(EINVAL); - if (payload_buf) { - payload_ref = av_buffer_ref(payload_buf); - if (!payload_ref) - return AVERROR(ENOMEM); - } else { - payload_ref = NULL; - } - // Find an existing SEI unit or make a new one to add to. err = cbs_sei_get_unit(ctx, au, prefix, &unit); if (err < 0) @@ -285,6 +277,14 @@ int ff_cbs_sei_add_message(CodedBitstreamContext *ctx, if (err < 0) return err; + if (payload_buf) { + payload_ref = av_buffer_ref(payload_buf); + if (!payload_ref) + return AVERROR(ENOMEM); + } else { + payload_ref = NULL; + } + message = &list->messages[list->nb_messages - 1]; message->payload_type = payload_type;