Message ID | CALDvNfHUC-MECa6othAcfQthECfZMNLra9R4LFsTD+K87LgQxg@mail.gmail.com |
---|---|
State | New |
Headers | show |
Series | [FFmpeg-devel] avutil/hwcontext: Don't assume frames_uninit is reentrant | expand |
Context | Check | Description |
---|---|---|
yinshiyou/make_loongarch64 | success | Make finished |
yinshiyou/make_fate_loongarch64 | success | Make fate finished |
> On Oct 24, 2024, at 02:14, 徐浩宇 <dawndreaming97@gmail.com> wrote: > > I have discovered that the vulnerability addressed by commit 3bb00c0 > <https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83c6fafee30270d69622ccad7> > also > affects the release/6.1 branch,but the fix has not yet been applied. Given > that there were relevant commits to the release/6.1 branch just two weeks > ago, I believe it is an active branch and should be properly patched.To > address this, I have created this patch for release/6.1 based on 3bb00c0 > <https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83c6fafee30270d69622ccad7> > . Thanks for the report. I have cherry-picked commit 3bb00c0 to release/6.1 branch. > > Signed-off-by: sprinkle <dawndreaming97@gmail.com> > --- > libavutil/hwcontext.c | 8 ++------ > 1 file changed, 2 insertions(+), 6 deletions(-) > > diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c > index 3650d46..0ef3479 100644 > --- a/libavutil/hwcontext.c > +++ b/libavutil/hwcontext.c > @@ -363,7 +363,7 @@ int av_hwframe_ctx_init(AVBufferRef *ref) > if (ctx->internal->hw_type->frames_init) { > ret = ctx->internal->hw_type->frames_init(ctx); > if (ret < 0) > - goto fail; > + return ret; > } > > if (ctx->internal->pool_internal && !ctx->pool) > @@ -373,14 +373,10 @@ int av_hwframe_ctx_init(AVBufferRef *ref) > if (ctx->initial_pool_size > 0) { > ret = hwframe_pool_prealloc(ref); > if (ret < 0) > - goto fail; > + return ret; > } > > return 0; > -fail: > - if (ctx->internal->hw_type->frames_uninit) > - ctx->internal->hw_type->frames_uninit(ctx); > - return ret; > } > > int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref, > -- > 2.7.4 > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c index 3650d46..0ef3479 100644 --- a/libavutil/hwcontext.c +++ b/libavutil/hwcontext.c @@ -363,7 +363,7 @@ int av_hwframe_ctx_init(AVBufferRef *ref) if (ctx->internal->hw_type->frames_init) { ret = ctx->internal->hw_type->frames_init(ctx); if (ret < 0) - goto fail; + return ret; } if (ctx->internal->pool_internal && !ctx->pool) @@ -373,14 +373,10 @@ int av_hwframe_ctx_init(AVBufferRef *ref) if (ctx->initial_pool_size > 0) { ret = hwframe_pool_prealloc(ref); if (ret < 0) - goto fail; + return ret; } return 0; -fail: - if (ctx->internal->hw_type->frames_uninit) - ctx->internal->hw_type->frames_uninit(ctx); - return ret; } int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref,
I have discovered that the vulnerability addressed by commit 3bb00c0 <https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83c6fafee30270d69622ccad7> also affects the release/6.1 branch,but the fix has not yet been applied. Given that there were relevant commits to the release/6.1 branch just two weeks ago, I believe it is an active branch and should be properly patched.To address this, I have created this patch for release/6.1 based on 3bb00c0 <https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83c6fafee30270d69622ccad7> . Signed-off-by: sprinkle <dawndreaming97@gmail.com> --- libavutil/hwcontext.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-)