[FFmpeg-devel] [PATCH v1] avutil/frame: Use av_realloc_array()

Michael Niedermayer michael at niedermayer.cc
Tue Dec 24 01:32:07 EET 2019


On Mon, Dec 23, 2019 at 10:48:13PM +0800, lance.lmwang at gmail.com wrote:
> From: Limin Wang <lance.lmwang at gmail.com>
> 
> Signed-off-by: Limin Wang <lance.lmwang at gmail.com>
> ---
>  libavutil/frame.c | 7 ++-----
>  1 file changed, 2 insertions(+), 5 deletions(-)
> 
> diff --git a/libavutil/frame.c b/libavutil/frame.c
> index 1d0faec687..0a1ba877cc 100644
> --- a/libavutil/frame.c
> +++ b/libavutil/frame.c
> @@ -696,11 +696,8 @@ AVFrameSideData *av_frame_new_side_data_from_buf(AVFrame *frame,
>      if (!buf)
>          return NULL;
>  
> -    if (frame->nb_side_data > INT_MAX / sizeof(*frame->side_data) - 1)
> -        return NULL;
> -
> -    tmp = av_realloc(frame->side_data,
> -                     (frame->nb_side_data + 1) * sizeof(*frame->side_data));
> +    tmp = av_realloc_array(frame->side_data,
> +                     (frame->nb_side_data + 1), sizeof(*frame->side_data));

does something prevent "frame->nb_side_data + 1" from overflowing ?

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Many things microsoft did are stupid, but not doing something just because
microsoft did it is even more stupid. If everything ms did were stupid they
would be bankrupt already.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20191224/fb550f5f/attachment.sig>


More information about the ffmpeg-devel mailing list