[FFmpeg-cvslog] avformat/subtitles: Check nb_subs in ff_subtitles_queue_finalize()

Michael Niedermayer git at videolan.org
Sun Oct 6 21:03:09 EEST 2019


ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Fri Oct  4 17:10:38 2019 +0200| [81b53913bbb97234e22187d1122948c351a3466d] | committer: Michael Niedermayer

avformat/subtitles: Check nb_subs in ff_subtitles_queue_finalize()

Fixes: null pointer dereference
Fixes: 17828/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5645915116797952
Fixes: Ticket8147

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=81b53913bbb97234e22187d1122948c351a3466d
---

 libavformat/subtitles.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libavformat/subtitles.c b/libavformat/subtitles.c
index 659c99d1cf..a3240d88a1 100644
--- a/libavformat/subtitles.c
+++ b/libavformat/subtitles.c
@@ -194,6 +194,9 @@ void ff_subtitles_queue_finalize(void *log_ctx, FFDemuxSubtitlesQueue *q)
 {
     int i;
 
+    if (!q->nb_subs)
+        return;
+
     qsort(q->subs, q->nb_subs, sizeof(*q->subs),
           q->sort == SUB_SORT_TS_POS ? cmp_pkt_sub_ts_pos
                                      : cmp_pkt_sub_pos_ts);



More information about the ffmpeg-cvslog mailing list