Message ID | 20220211125155.11643-1-lq@chinaffmpeg.org |
---|---|
State | New |
Headers | show |
Series | [FFmpeg-devel] avcodec/vp6: Check alpha_context for allocation failures | expand |
Context | Check | Description |
---|---|---|
yinshiyou/configure_loongarch64 | warning | Failed to apply patch |
andriy/configure_x86 | warning | Failed to apply patch |
andriy/configure_ppc | warning | Failed to apply patch |
andriy/configure_armv7_RPi4 | warning | Failed to apply patch |
andriy/configure_aarch64_jetson | warning | Failed to apply patch |
Steven Liu: > Fixes: null pointer dereference > > Reported-by: TOTE Robot <oslab@tsinghua.edu.cn> > Signed-off-by: Steven Liu <lq@chinaffmpeg.org> > --- > libavcodec/vp6.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/libavcodec/vp6.c b/libavcodec/vp6.c > index d024370793..7ddabbff80 100644 > --- a/libavcodec/vp6.c > +++ b/libavcodec/vp6.c > @@ -653,6 +653,8 @@ static av_cold int vp6_decode_init(AVCodecContext *avctx) > > if (s->has_alpha) { > s->alpha_context = av_mallocz(sizeof(VP56Context)); > + if (!s->alpha_context) > + return AVERROR(ENOMEM); > ff_vp56_init_context(avctx, s->alpha_context, > s->flip == -1, s->has_alpha); > ff_vp6dsp_init(&s->alpha_context->vp56dsp); Already fixed by https://ffmpeg.org/pipermail/ffmpeg-devel/2022-February/292714.html (pushed as c4d63dbc9417ddf77f6e33f6144b23da7e97cb3b). Furthermore, your patch would leak in case of allocation failure. - Andreas
diff --git a/libavcodec/vp6.c b/libavcodec/vp6.c index d024370793..7ddabbff80 100644 --- a/libavcodec/vp6.c +++ b/libavcodec/vp6.c @@ -653,6 +653,8 @@ static av_cold int vp6_decode_init(AVCodecContext *avctx) if (s->has_alpha) { s->alpha_context = av_mallocz(sizeof(VP56Context)); + if (!s->alpha_context) + return AVERROR(ENOMEM); ff_vp56_init_context(avctx, s->alpha_context, s->flip == -1, s->has_alpha); ff_vp6dsp_init(&s->alpha_context->vp56dsp);
Fixes: null pointer dereference Reported-by: TOTE Robot <oslab@tsinghua.edu.cn> Signed-off-by: Steven Liu <lq@chinaffmpeg.org> --- libavcodec/vp6.c | 2 ++ 1 file changed, 2 insertions(+)