| Message ID | 20210322205833.14541-3-michael@niedermayer.cc |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [FFmpeg-devel,1/6] avcodec/h264_slice: Check input SPS in ff_h264_update_thread_context() | expand |
| Context | Check | Description |
|---|---|---|
| andriy/x86_make | success | Make finished |
| andriy/x86_make_fate | success | Make fate finished |
| andriy/PPC64_make | success | Make finished |
| andriy/PPC64_make_fate | success | Make fate finished |
On 3/22/2021 5:58 PM, Michael Niedermayer wrote: > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > tools/target_dem_fuzzer.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/tools/target_dem_fuzzer.c b/tools/target_dem_fuzzer.c > index af1840b359..90b7acefe2 100644 > --- a/tools/target_dem_fuzzer.c > +++ b/tools/target_dem_fuzzer.c > @@ -189,6 +189,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { > av_freep(&fuzzed_pb->buffer); > av_freep(&fuzzed_pb); > avformat_free_context(avfmt); > + av_packet_free(&pkt); > return 0; > } Assuming avformat_close_input() can be called on a AVFormatContext that failed to initialize, how about adding a fail label at the end and jumping there from here instead? It would reduce code duplication and prevent the same mistake being done in the future if a new struct is allocated for whatever reason. It will also free fuzzed_pb with the correct function.
diff --git a/tools/target_dem_fuzzer.c b/tools/target_dem_fuzzer.c index af1840b359..90b7acefe2 100644 --- a/tools/target_dem_fuzzer.c +++ b/tools/target_dem_fuzzer.c @@ -189,6 +189,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { av_freep(&fuzzed_pb->buffer); av_freep(&fuzzed_pb); avformat_free_context(avfmt); + av_packet_free(&pkt); return 0; }
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- tools/target_dem_fuzzer.c | 1 + 1 file changed, 1 insertion(+)