[FFmpeg-devel] [PATCH 2/2] webmdashenc: Fix potential leak in realloc
Michael Niedermayer
michaelni at gmx.at
Mon Apr 13 21:48:57 CEST 2015
On Mon, Apr 13, 2015 at 12:16:44PM -0700, Vignesh Venkatasubramanian wrote:
> Fix potential leak in av_realloc call where the output was being
> overwritten by using a temporary variable.
>
> Signed-off-by: Vignesh Venkatasubramanian <vigneshv at google.com>
> ---
> libavformat/webmdashenc.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/libavformat/webmdashenc.c b/libavformat/webmdashenc.c
> index 80266f7..0f915fd 100644
> --- a/libavformat/webmdashenc.c
> +++ b/libavformat/webmdashenc.c
> @@ -419,9 +419,10 @@ static int parse_adaptation_sets(AVFormatContext *s)
> if (*p == ' ')
> continue;
> else if (state == new_set && !strncmp(p, "id=", 3)) {
> - w->as = av_realloc(w->as, sizeof(*w->as) * ++w->nb_as);
> - if (w->as == NULL)
> + void *mem = av_realloc(w->as, sizeof(*w->as) * ++w->nb_as);
> + if (mem == NULL)
> return AVERROR(ENOMEM);
nb_as will be 1 larger than the array in the return case
is that intended / safe ?
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
DNS cache poisoning attacks, popular search engine, Google internet authority
dont be evil, please
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20150413/7631f64f/attachment.asc>
More information about the ffmpeg-devel
mailing list