From patchwork Mon Oct 19 02:07:57 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?b?5b6Q5oWn5Lmm?= <javashu2012@gmail.com>
X-Patchwork-Id: 23064
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
X-Original-To: patchwork@ffaux-bg.ffmpeg.org
Delivered-To: patchwork@ffaux-bg.ffmpeg.org
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by ffaux.localdomain (Postfix) with ESMTP id CBBD7449439
	for <patchwork@ffaux-bg.ffmpeg.org>; Mon, 19 Oct 2020 05:30:00 +0300 (EEST)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id A8DAB68B649;
	Mon, 19 Oct 2020 05:30:00 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from mail-vs1-f68.google.com (mail-vs1-f68.google.com
 [209.85.217.68])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B56A9688257
 for <ffmpeg-devel@ffmpeg.org>; Mon, 19 Oct 2020 05:29:54 +0300 (EEST)
Received: by mail-vs1-f68.google.com with SMTP id s15so4865272vsm.0
 for <ffmpeg-devel@ffmpeg.org>; Sun, 18 Oct 2020 19:29:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=rb+c4xeY5A4EQ+cOMddboML3uMeyU3DRDJ0fZduN77M=;
 b=AuKNvd4USbKHsH5jRUqv3+KhqzCZRRDHfMilOdpljI3GHfSgEUCBL3jSlV+ndlWPKT
 ntDxplsjdSN21DsbUezeqJNTJkSt1dWbAGYcdE/NxA+Me17dfZz2kLnahrufUUC+FBaq
 Q0jr67TNXOk44GOJH3LNlEwuo/kmPuA76hUgTjN5xPEYRTPf4b/GXiKvEc5YveQQ8JVq
 fQ4iK8UiIDE6NKKhi3cRZG2AUAtJR/i+08UCYJIUCUfEmfjf3qBXF8165MXLuNrdupBb
 xs2Ss7AXWhERnVnzbSHTfcJtu6A/cGn/VQxH8kpA0bB+3/KCf/tP059VH/wuqAAIW0F4
 En5g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=rb+c4xeY5A4EQ+cOMddboML3uMeyU3DRDJ0fZduN77M=;
 b=hGPJGaZqCzsusjSrr9F1kDd+8KrpgzjlwlyXCwK1B99wpVGXBn0QPC2Jw0FGM2Zt7S
 C+NhvDYE5xDzfW5rFpffbytUIR1OBv/p1B9FDusUaPNBnyXNARHKAR2SbNj7My9Uqmt0
 yvANC1S6O8XtqBlAULgNJ7extkS6ygCBlMn6FnWI1UP4dtMW0PBwoX6RXrj1De/gQbAt
 UnUFO3Dpc07SuoWNAJawZDZ1hXsvkRd2rnfVXx5LvkYe/m52M44cUhPa466w3mJ0MuDk
 GO3T9m+kSbnGaVP/l4BVoJHJF4u9NxyWSRR9LzH/fzbVN6V7HsUxEX8LEERpq1VWrxPR
 rThQ==
X-Gm-Message-State: AOAM532JlnM/XLB+1TTc5yJVi4YgQoKexktsEo9NH3x5GW+vJ+i6+I3w
 pYz958UK5i2pf/3Ju5na760QvFDPxypc9w==
X-Google-Smtp-Source: 
 ABdhPJzoSF6dCuEQjJIj4LZuyxyf2wpBnxCowCuDpaPeA5Wgi8Yp0wW/e32UVLWCz/BJuq6l3/5Phw==
X-Received: by 2002:a17:902:b595:b029:d4:db82:4403 with SMTP id
 a21-20020a170902b595b02900d4db824403mr15348018pls.49.1603073292981;
 Sun, 18 Oct 2020 19:08:12 -0700 (PDT)
Received: from localhost.localdomain ([47.89.83.18])
 by smtp.gmail.com with ESMTPSA id 194sm9750893pfz.182.2020.10.18.19.08.11
 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 18 Oct 2020 19:08:12 -0700 (PDT)
From: javashu2012@gmail.com
To: ffmpeg-devel@ffmpeg.org
Date: Mon, 19 Oct 2020 10:07:57 +0800
Message-Id: <20201019020757.12101-1-javashu2012@gmail.com>
X-Mailer: git-send-email 2.21.1 (Apple Git-122.3)
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH v2] libavformat/hls: use local var url for
	log to avoid crash
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Cc: bevis <javashu2012@gmail.com>
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

From: bevis <javashu2012@gmail.com>

During operation, the user exits and interrupts, causing pls->segment to be released, resulting in a null pointer crash

Signed-off-by: bevis <javashu2012@gmail.com>
---
 libavformat/hls.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libavformat/hls.c b/libavformat/hls.c
index 72e28ab94f..0a522a4595 100644
--- a/libavformat/hls.c
+++ b/libavformat/hls.c
@@ -1979,17 +1979,18 @@ static int hls_read_header(AVFormatContext *s)
         pls->ctx->interrupt_callback = s->interrupt_callback;
         url = av_strdup(pls->segments[0]->url);
         ret = av_probe_input_buffer(&pls->pb, &in_fmt, url, NULL, 0, 0);
-        av_free(url);
         if (ret < 0) {
             /* Free the ctx - it isn't initialized properly at this point,
              * so avformat_close_input shouldn't be called. If
              * avformat_open_input fails below, it frees and zeros the
              * context, so it doesn't need any special treatment like this. */
-            av_log(s, AV_LOG_ERROR, "Error when loading first segment '%s'\n", pls->segments[0]->url);
+            av_log(s, AV_LOG_ERROR, "Error when loading first segment '%s'\n", url);
             avformat_free_context(pls->ctx);
             pls->ctx = NULL;
+            av_free(url);
             goto fail;
         }
+        av_free(url);
         pls->ctx->pb       = &pls->pb;
         pls->ctx->io_open  = nested_io_open;
         pls->ctx->flags   |= s->flags & ~AVFMT_FLAG_CUSTOM_IO;