[FFmpeg-cvslog] avformat/mxfdec: free duplicated utf16 strings
Michael Niedermayer
git at videolan.org
Tue Jul 7 21:41:23 EEST 2020
ffmpeg | branch: release/4.2 | Michael Niedermayer <michael at niedermayer.cc> | Sun Jun 14 19:45:05 2020 +0200| [774efe1eceac5f22b859b1e2965f4d46fd6f35a0] | committer: Michael Niedermayer
avformat/mxfdec: free duplicated utf16 strings
Fixes: memleak
Fixes: 23415/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5124814510751744
Suggested-by: Marton Balint <cus at passwd.hu>
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0aa2768cb275bda9e9e1331ed95adc7cd686eafe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=774efe1eceac5f22b859b1e2965f4d46fd6f35a0
---
libavformat/mxfdec.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
index 9c4d036043..eca4dfed9c 100644
--- a/libavformat/mxfdec.c
+++ b/libavformat/mxfdec.c
@@ -866,6 +866,7 @@ static inline int mxf_read_utf16_string(AVIOContext *pb, int size, char** str, i
return AVERROR(EINVAL);
buf_size = size + size / 2 + 1;
+ av_free(*str);
*str = av_malloc(buf_size);
if (!*str)
return AVERROR(ENOMEM);
More information about the ffmpeg-cvslog
mailing list