[FFmpeg-devel] [PATCH v1] avformat/mpeg: fix CID 1455132: Memory - illegal accesses (UNINIT)

Andreas Rheinhardt andreas.rheinhardt at gmail.com
Thu Oct 24 05:07:37 EEST 2019


On Thu, Oct 24, 2019 at 3:36 AM <lance.lmwang at gmail.com> wrote:

> From: Limin Wang <lance.lmwang at gmail.com>
>
> Before header_str is initialized, the code is possible to goto end and free the
> header_str and cause invalid access.
>
> Signed-off-by: Limin Wang <lance.lmwang at gmail.com>
> ---
>  libavformat/mpeg.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libavformat/mpeg.c b/libavformat/mpeg.c
> index c33401f1a0..ebc064931a 100644
> --- a/libavformat/mpeg.c
> +++ b/libavformat/mpeg.c
> @@ -720,7 +720,7 @@ static int vobsub_read_header(AVFormatContext *s)
>      int i, ret = 0, header_parsed = 0, langidx = 0;
>      MpegDemuxContext *vobsub = s->priv_data;
>      size_t fname_len;
> -    char *header_str;
> +    char *header_str = NULL;
>      AVBPrint header;
>      int64_t delay = 0;
>      AVStream *st = NULL;
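Review bot: `AVBPrint header;`, declared on the context line right after the changed one, is still left uninitialized, so if the cleanup at `end` that the commit message describes also touches `header`, an early `goto end` would have the same uninitialized-access problem there; worth confirming and, if so, initializing it before the first jump. For `header_str` itself the `= NULL` initializer is sufficient, since freeing a null pointer is a no-op. The commit message would be easier to verify if it named which early exit reaches `end` before `header_str` is assigned.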
> --
> 2.21.0
>

Posted a patch for this two days ago:
https://ffmpeg.org/pipermail/ffmpeg-devel/2019-October/251957.html

- Andreas
