[FFmpeg-cvslog] cbs_apv: Fix memory leak on metadata parse failure
Mark Thompson
git at videolan.org
Sat May 17 13:28:52 EEST 2025
ffmpeg | branch: master | Mark Thompson <sw at jkqxz.net> | Wed May 14 21:47:00 2025 +0100| [88f2ccdf16b7aa7c47d3683eabcc58ba9a247f24] | committer: Mark Thompson
cbs_apv: Fix memory leak on metadata parse failure
Buffers are allocated inside some metadata types, so we must ensure
that the object is visible to the free function before a parse failure.
Found by libFuzzer.
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=88f2ccdf16b7aa7c47d3683eabcc58ba9a247f24
---
libavcodec/cbs_apv_syntax_template.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/cbs_apv_syntax_template.c b/libavcodec/cbs_apv_syntax_template.c
index ca66349141..fc8a08ff31 100644
--- a/libavcodec/cbs_apv_syntax_template.c
+++ b/libavcodec/cbs_apv_syntax_template.c
@@ -543,11 +543,11 @@ static int FUNC(metadata)(CodedBitstreamContext *ctx, RWContext *rw,
return AVERROR_INVALIDDATA;
}
+ current->metadata_count = p + 1;
+
CHECK(FUNC(metadata_payload)(ctx, rw, pl));
metadata_bytes_left -= pl->payload_size;
-
- current->metadata_count = p + 1;
if (metadata_bytes_left == 0)
break;
}
More information about the ffmpeg-cvslog
mailing list