[FFmpeg-devel] [PATCH 1/2] ffprobe: Fix null pointer dereference with color primaries

Tue Aug 22 20:01:29 EEST 2017

On 8/22/2017 1:34 PM, Michael Niedermayer wrote:
> Found-by: AD-lab of venustech
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
>  ffprobe.c | 20 ++++++++++++--------
>  1 file changed, 12 insertions(+), 8 deletions(-)
> 
> diff --git a/ffprobe.c b/ffprobe.c
> index 50d7c1a777..d4bdd9c099 100644
> --- a/ffprobe.c
> +++ b/ffprobe.c
> @@ -1925,6 +1925,16 @@ static void print_pkt_side_data(WriterContext *w,
>      writer_print_section_footer(w);
>  }
>  
> +static void print_primaries(WriterContext *w, enum AVColorPrimaries color_primaries)
> +{
> +    const char *val = av_color_primaries_name(color_primaries);
> +    if (!val || color_primaries == AVCOL_PRI_UNSPECIFIED) {
> +        print_str_opt("color_primaries", "unknown");
> +    } else {
> +        print_str("color_primaries", val);
> +    }
> +}
> +
>  static void clear_log(int need_lock)
>  {
>      int i;
> @@ -2116,10 +2126,7 @@ static void show_frame(WriterContext *w, AVFrame *frame, AVStream *stream,
>          else
>              print_str_opt("color_space", av_color_space_name(frame->colorspace));
>  
> -        if (frame->color_primaries != AVCOL_PRI_UNSPECIFIED)
> -            print_str("color_primaries", av_color_primaries_name(frame->color_primaries));
> -        else
> -            print_str_opt("color_primaries", av_color_primaries_name(frame->color_primaries));
> +        print_primaries(w, frame->color_primaries);
>  
>          if (frame->color_trc != AVCOL_TRC_UNSPECIFIED)
>              print_str("color_transfer", av_color_transfer_name(frame->color_trc));
> @@ -2516,10 +2523,7 @@ static int show_stream(WriterContext *w, AVFormatContext *fmt_ctx, int stream_id
>          else
>              print_str_opt("color_transfer", av_color_transfer_name(par->color_trc));
>  
> -        if (par->color_primaries != AVCOL_PRI_UNSPECIFIED)
> -            print_str("color_primaries", av_color_primaries_name(par->color_primaries));
> -        else
> -            print_str_opt("color_primaries", av_color_primaries_name(par->color_primaries));
> +        print_primaries(w, par->color_primaries);

Shouldn't the same be done for the other properties?
av_color_transfer_name(), av_color_space_name(),
av_chroma_location_name(), av_color_range_name(), all may also return
NULL on invalid values.

>  
>          if (par->chroma_location != AVCHROMA_LOC_UNSPECIFIED)
>              print_str("chroma_location", av_chroma_location_name(par->chroma_location));
> 