[FFmpeg-devel] [PATCH] fftools/ffmpeg_filter: fix SEGV in choose_pix_fmts after avio_close_dyn_buf
Steven Liu
lq at chinaffmpeg.org
Wed Dec 1 10:37:52 EET 2021
From: Steven Liu <liuqi05 at kuaishou.com>
ret could be set to s->opaque->buffer in avio_close_dyn_buf, so it can
be set to NULL, check NULL pointer deference after it should be ok.
Reported-by: TOTE Robot <oslab at tsinghua.edu.cn>
Signed-off-by: Steven Liu <liuqi05 at kuaishou.com>
---
fftools/ffmpeg_filter.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fftools/ffmpeg_filter.c b/fftools/ffmpeg_filter.c
index 452b689d62..f2f77ff86f 100644
--- a/fftools/ffmpeg_filter.c
+++ b/fftools/ffmpeg_filter.c
@@ -119,6 +119,8 @@ static char *choose_pix_fmts(OutputFilter *ofilter)
avio_printf(s, "%s|", name);
}
len = avio_close_dyn_buf(s, &ret);
+ if (len <= 0 || !ret)
+ return NULL;
ret[len - 1] = 0;
return ret;
} else
--
2.25.0
More information about the ffmpeg-devel
mailing list