[FFmpeg-devel] [PATCH] libavformat/avidec: check memory allocation
Chris Miceli
chris at miceli.net.au
Tue Oct 13 06:22:25 EEST 2020
Memory allocation for AVIOContext should be checked. In this code,
all error conditions are sent to the "goto error".
---
libavformat/avidec.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index 9765e5e7b2..33e50e9878 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -1072,11 +1072,15 @@ static int read_gab2_sub(AVFormatContext *s, AVStream *st, AVPacket *pkt)
ff_const59 AVInputFormat *sub_demuxer;
AVRational time_base;
int size;
+ AVProbeData pd;
+ unsigned int desc_len;
AVIOContext *pb = avio_alloc_context(pkt->data + 7,
pkt->size - 7,
0, NULL, NULL, NULL, NULL);
- AVProbeData pd;
- unsigned int desc_len = avio_rl32(pb);
+ if (!pb)
+ goto error;
+
+ desc_len = avio_rl32(pb);
if (desc_len > pb->buf_end - pb->buf_ptr)
goto error;
--
2.28.0
More information about the ffmpeg-devel
mailing list