[FFmpeg-devel] [PATCH 1/2] h264_picture: Actually return error during alloc failure
Derek Buitenhuis
derek.buitenhuis at gmail.com
Fri Nov 24 21:27:12 EET 2017
Fixes NULL dereference during alloc failure.
Signed-off-by: Derek Buitenhuis <derek.buitenhuis at gmail.com>
---
libavcodec/h264_picture.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/libavcodec/h264_picture.c b/libavcodec/h264_picture.c
index e7dd84bc47..e833835a77 100644
--- a/libavcodec/h264_picture.c
+++ b/libavcodec/h264_picture.c
@@ -78,24 +78,30 @@ int ff_h264_ref_picture(H264Context *h, H264Picture *dst, H264Picture *src)
dst->qscale_table_buf = av_buffer_ref(src->qscale_table_buf);
dst->mb_type_buf = av_buffer_ref(src->mb_type_buf);
- if (!dst->qscale_table_buf || !dst->mb_type_buf)
+ if (!dst->qscale_table_buf || !dst->mb_type_buf) {
+ ret = AVERROR(ENOMEM);
goto fail;
+ }
dst->qscale_table = src->qscale_table;
dst->mb_type = src->mb_type;
for (i = 0; i < 2; i++) {
dst->motion_val_buf[i] = av_buffer_ref(src->motion_val_buf[i]);
dst->ref_index_buf[i] = av_buffer_ref(src->ref_index_buf[i]);
- if (!dst->motion_val_buf[i] || !dst->ref_index_buf[i])
+ if (!dst->motion_val_buf[i] || !dst->ref_index_buf[i]) {
+ ret = AVERROR(ENOMEM);
goto fail;
+ }
dst->motion_val[i] = src->motion_val[i];
dst->ref_index[i] = src->ref_index[i];
}
if (src->hwaccel_picture_private) {
dst->hwaccel_priv_buf = av_buffer_ref(src->hwaccel_priv_buf);
- if (!dst->hwaccel_priv_buf)
+ if (!dst->hwaccel_priv_buf) {
+ ret = AVERROR(ENOMEM);
goto fail;
+ }
dst->hwaccel_picture_private = dst->hwaccel_priv_buf->data;
}
--
2.15.0
More information about the ffmpeg-devel
mailing list