[FFmpeg-devel] [libav-devel] [PATCH] lzf: update pointer p after realloc

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Sat Nov 5 20:03:21 EET 2016


On 05.11.2016 01:36, Luca Barbato wrote:
> On 04/11/2016 23:33, Andreas Cadhalpun wrote:
>> This fixes heap-use-after-free detected by AddressSanitizer.
>>
>> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
>> ---
>>  libavcodec/lzf.c | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/libavcodec/lzf.c b/libavcodec/lzf.c
>> index 409a7ff..5b7526e 100644
>> --- a/libavcodec/lzf.c
>> +++ b/libavcodec/lzf.c
>> @@ -53,6 +53,7 @@ int ff_lzf_uncompress(GetByteContext *gb, uint8_t **buf, int64_t *size)
>>                  ret = av_reallocp(buf, *size);
>>                  if (ret < 0)
>>                      return ret;
>> +                p = *buf + len;
>>              }
>>  
>>              bytestream2_get_buffer(gb, p, s);
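Review bot: in the literal-run branch, the added `p = *buf + len;` is only right if `len` equals the number of bytes already written to the output when the realloc happens, and the hunk does not show where `len` is advanced. Please confirm that `len` is updated after every write that precedes this point, since otherwise `bytestream2_get_buffer(gb, p, s)` would write at a stale offset in the new buffer. A one-line comment that `av_reallocp()` may move `*buf` would make clear why `p` is recomputed here.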
>> @@ -75,6 +76,7 @@ int ff_lzf_uncompress(GetByteContext *gb, uint8_t **buf, int64_t *size)
>>                  ret = av_reallocp(buf, *size);
>>                  if (ret < 0)
>>                      return ret;
>> +                p = *buf + len;
>>              }
>>  
>>              av_memcpy_backptr(p, off, l);
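Review bot: the back-reference branch now carries the same grow-then-refresh sequence as the first hunk (`av_reallocp(buf, *size)`, the `ret < 0` check, then `p = *buf + len;`), so the fix depends on every realloc site remembering the last line. Consider moving the three steps into a small static helper that returns the refreshed `p`, so a later realloc site cannot miss the update. The commit message could also say that the stale pointer was `p` after `av_reallocp()` moved the buffer, which is what the AddressSanitizer report points at.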
>>
> 
> Looks good, thank you!

Pushed.

Best regards,
Andreas


