[FFmpeg-devel] [PATCH] mxfdec: fix double free

Tomas Härdin tomas.hardin at codemill.se
Sun Dec 9 18:55:57 CET 2012


On Sat, 2012-12-08 at 05:23 +0100, Michael Niedermayer wrote:
> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
> Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> ---
>  libavformat/mxfdec.c |    8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
> index 921dc42..a1884f1 100644
> --- a/libavformat/mxfdec.c
> +++ b/libavformat/mxfdec.c
> @@ -1499,8 +1499,9 @@ static int mxf_parse_structural_metadata(MXFContext *mxf)
>          codec_ul = mxf_get_codec_ul(ff_mxf_codec_uls, &descriptor->essence_codec_ul);
>          st->codec->codec_id = (enum AVCodecID)codec_ul->id;
>          if (descriptor->extradata) {
> -            st->codec->extradata = descriptor->extradata;
> -            st->codec->extradata_size = descriptor->extradata_size;
> +            st->codec->extradata = av_mallocz(descriptor->extradata_size + FF_INPUT_BUFFER_PADDING_SIZE);
> +            if (st->codec->extradata)
> +                memcpy(st->codec->extradata, descriptor->extradata, descriptor->extradata_size);
>          }
>          if (st->codec->codec_type == AVMEDIA_TYPE_VIDEO) {
>              source_track->intra_only = mxf_is_intra_only(descriptor);
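Review bot: In the `if (descriptor->extradata)` block of mxf_parse_structural_metadata, the removed assignment `st->codec->extradata_size = descriptor->extradata_size;` has no replacement, so after the copy the stream has an extradata buffer but nothing in the lines shown sets its extradata_size. Suggest setting it inside the `if (st->codec->extradata)` branch, right after the memcpy, with braces around the two statements. The allocation-failure path also falls through silently; returning AVERROR(ENOMEM) there would be clearer than continuing with a stream that has lost its extradata.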
> @@ -2224,6 +2225,9 @@ static int mxf_read_close(AVFormatContext *s)
>  
>      for (i = 0; i < mxf->metadata_sets_count; i++) {
>          switch (mxf->metadata_sets[i]->type) {
> +        case Descriptor:
> +            av_freep(&((MXFDescriptor *)mxf->metadata_sets[i])->extradata);
> +            break;
>          case MultipleDescriptor:
>              av_freep(&((MXFDescriptor *)mxf->metadata_sets[i])->sub_descriptors_refs);
>              break;
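Review bot: The new `case Descriptor:` in mxf_read_close frees the descriptor's extradata, which is only correct while no stream holds that same pointer, so it depends on the copy made in the first hunk. A one-line comment at this case stating that the descriptor owns this buffer and that streams only ever receive a copy would document the invariant the fix relies on, and would flag any later code that assigns descriptor->extradata to a stream by pointer.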

OK.

Future patch idea: check that extradata hasn't already been parsed when
parsing the descriptor. That would avoid a potential memory leak.

/Tomas