[FFmpeg-cvslog] avcodec/pthread_frame: check avctx on deallocation

[Michael Niedermayer]

ffmpeg | branch: release/2.5 | Michael Niedermayer <michael at niedermayer.cc> | Mon Jul 13 21:19:04 2015 +0200| [95d8912bfdc5e0eca54d9f3b251f67c19b88b6a3] | committer: Michael Niedermayer

avcodec/pthread_frame: check avctx on deallocation

Fixes null pointer dereferences
Fixes: af1a5a33e67e479f439239097bd0d4fd_signal_sigsegv_7ffff713351a_152_Dolby_Rain_Logo.pmp with memlimit of 8388608

Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5d346feafa817c4fbc30f7ed0b93b2dad6cef15b)

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=95d8912bfdc5e0eca54d9f3b251f67c19b88b6a3
---

 libavcodec/pthread_frame.c |    7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/libavcodec/pthread_frame.c b/libavcodec/pthread_frame.c
index 5a4ab84..e7ac377 100644
--- a/libavcodec/pthread_frame.c
+++ b/libavcodec/pthread_frame.c
@@ -571,7 +571,7 @@ void ff_frame_thread_free(AVCodecContext *avctx, int thread_count)
             pthread_join(p->thread, NULL);
         p->thread_init=0;
 
-        if (codec->close)
+        if (codec->close && p->avctx)
             codec->close(p->avctx);
 
         avctx->codec = NULL;
@@ -591,12 +591,13 @@ void ff_frame_thread_free(AVCodecContext *avctx, int thread_count)
         av_packet_unref(&p->avpkt);
         av_freep(&p->released_buffers);
 
-        if (i) {
+        if (i && p->avctx) {
             av_freep(&p->avctx->priv_data);
             av_freep(&p->avctx->slice_offset);
         }
 
-        av_freep(&p->avctx->internal);
+        if (p->avctx)
+            av_freep(&p->avctx->internal);
         av_freep(&p->avctx);
     }