[FFmpeg-cvslog] avcodec/pngdec: Alloc buffer after blend_op check in handle_p_frame_apng()
Michael Niedermayer
git at videolan.org
Sun Oct 11 13:20:39 CEST 2015
ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Sun Oct 11 13:09:56 2015 +0200| [47c5a3058eeae2043bd0dc2704b024cac8adcb3b] | committer: Michael Niedermayer
avcodec/pngdec: Alloc buffer after blend_op check in handle_p_frame_apng()
Avoids memleak on error
Fixes CID1322342
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=47c5a3058eeae2043bd0dc2704b024cac8adcb3b
---
libavcodec/pngdec.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c
index 2ab456d..a998b1d 100644
--- a/libavcodec/pngdec.c
+++ b/libavcodec/pngdec.c
@@ -969,10 +969,7 @@ static int handle_p_frame_apng(AVCodecContext *avctx, PNGDecContext *s,
AVFrame *p)
{
size_t x, y;
- uint8_t *buffer = av_malloc(s->image_linesize * s->height);
-
- if (!buffer)
- return AVERROR(ENOMEM);
+ uint8_t *buffer;
if (s->blend_op == APNG_BLEND_OP_OVER &&
avctx->pix_fmt != AV_PIX_FMT_RGBA &&
@@ -983,6 +980,11 @@ static int handle_p_frame_apng(AVCodecContext *avctx, PNGDecContext *s,
return AVERROR_PATCHWELCOME;
}
+ buffer = av_malloc(s->image_linesize * s->height);
+ if (!buffer)
+ return AVERROR(ENOMEM);
+
+
// Do the disposal operation specified by the last frame on the frame
if (s->last_dispose_op != APNG_DISPOSE_OP_PREVIOUS) {
ff_thread_await_progress(&s->last_picture, INT_MAX, 0);
More information about the ffmpeg-cvslog
mailing list