[FFmpeg-cvslog] avutil/hwcontext: Don't assume frames_uninit is reentrant
Zhao Zhili
git at videolan.org
Mon Oct 28 14:41:18 EET 2024
ffmpeg | branch: release/6.1 | Zhao Zhili <zhilizhao at tencent.com> | Tue Feb 20 20:08:55 2024 +0800| [7d79d0a43b5533ff584249332bc1db7fedbab1d2] | committer: Zhao Zhili
avutil/hwcontext: Don't assume frames_uninit is reentrant
Fix heap use after free when vulkan_frames_init failed.
Signed-off-by: Zhao Zhili <zhilizhao at tencent.com>
(cherry picked from commit 3bb00c0a420c3ce83c6fafee30270d69622ccad7)
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7d79d0a43b5533ff584249332bc1db7fedbab1d2
---
libavutil/hwcontext.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c
index 3650d4653a..0ef34796f6 100644
--- a/libavutil/hwcontext.c
+++ b/libavutil/hwcontext.c
@@ -363,7 +363,7 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
if (ctx->internal->hw_type->frames_init) {
ret = ctx->internal->hw_type->frames_init(ctx);
if (ret < 0)
- goto fail;
+ return ret;
}
if (ctx->internal->pool_internal && !ctx->pool)
@@ -373,14 +373,10 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
if (ctx->initial_pool_size > 0) {
ret = hwframe_pool_prealloc(ref);
if (ret < 0)
- goto fail;
+ return ret;
}
return 0;
-fail:
- if (ctx->internal->hw_type->frames_uninit)
- ctx->internal->hw_type->frames_uninit(ctx);
- return ret;
}
int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref,
More information about the ffmpeg-cvslog
mailing list