[FFmpeg-devel] [PATCH] avutil/hwcontext: check the null pointer input value before use it
Steven Liu
lq at chinaffmpeg.org
Thu Feb 10 14:22:00 EET 2022
> 2022年2月10日 下午8:20,Steven Liu <lq at chinaffmpeg.org> 写道:
>
> because the src, src->hw_frames_ctx and src->hw_frames_ctx->data can be
> set to null when the user calling av_hwframe_transfer_data, this will
> get crash if they are null.
>
Reported-by: TOTE Robot <oslab at tsinghua.edu.cn>
> Signed-off-by: Steven Liu <lq at chinaffmpeg.org>
> ---
> libavutil/hwcontext.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c
> index 31c7840dba..b42a3a6d4d 100644
> --- a/libavutil/hwcontext.c
> +++ b/libavutil/hwcontext.c
> @@ -396,10 +396,13 @@ int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref,
>
> static int transfer_data_alloc(AVFrame *dst, const AVFrame *src, int flags)
> {
> - AVHWFramesContext *ctx = (AVHWFramesContext*)src->hw_frames_ctx->data;
> + AVHWFramesContext *ctx = NULL;
> AVFrame *frame_tmp;
> int ret = 0;
>
> + if (!src || !src->hw_frames_ctx || !src->hw_frames_ctx->data)
> + return AVERROR(EINVAL);
> + ctx = (AVHWFramesContext*)src->hw_frames_ctx->data;
> frame_tmp = av_frame_alloc();
> if (!frame_tmp)
> return AVERROR(ENOMEM);
> --
> 2.25.0
>
Thanks
Steven Liu
More information about the ffmpeg-devel
mailing list