[FFmpeg-devel] fftools/ffmpeg_optc AVDictionary **opts, If memory allocation fails,
Yy
young_chelsea at 163.com
Fri Dec 3 14:06:39 EET 2021
> 2021年12月3日 下午5:42,Andreas Rheinhardt <andreas.rheinhardt at outlook.com> 写道:
>
> Yu Yang:
>> Opts is assigned by setup_find_stream_info_opts(). Opts may be NULL.
>> This situation is compatible in avformat_find_stream_info().
>> Before av_dict_free(), the necessary checks were ignored.
>>
>> // in fftools/ffmpeg_opt.c:1266
>> 1067 static int open_input_file(OptionsContext *o, const char *filename)
>> 1068 {
>> ...
>> 1191 AVDictionary **opts = setup_find_stream_info_opts(ic, o->g->codec_opts);
>> ...
>> 1196 ret = avformat_find_stream_info(ic, opts);
>> 1197
>> 1198 for (i = 0; i < orig_nb_streams; i++)
>> 1199 av_dict_free(&opts[i]);
>> ...
>> 1342 }
>> ```
>> ```c
>> // in libavutil/dict.c:203
>> 203 void av_dict_free(AVDictionary **pm)
>> 204 {
>> 205 AVDictionary *m = *pm;
>> ...
>> 215 }
>>
>> coredump backtrace info:
>> ==6235==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000006ba9c2f bp 0x7ffc3d5baa30 sp 0x7ffc3d5ba9a0 T0)
>> ==6235==The signal is caused by a READ memory access.
>> ==6235==Hint: address points to the zero page.
>> #0 0x6ba9c2f in av_dict_free /home/r1/ffmpeg/ffmpeg-4.4.1/build/src/libavutil/dict.c:205:23
>> #1 0x4ce5ac in open_input_file /home/r1/ffmpeg/ffmpeg-4.4.1/build/src/fftools/ffmpeg_opt.c:1199:13
>> #2 0x4c9dc0 in open_files /home/r1/ffmpeg/ffmpeg-4.4.1/build/src/fftools/ffmpeg_opt.c:3338:15
>> #3 0x4c9295 in ffmpeg_parse_options /home/r1/ffmpeg/ffmpeg-4.4.1/build/src/fftools/ffmpeg_opt.c:3378:11
>> #4 0x58f241 in main /home/r1/ffmpeg/ffmpeg-4.4.1/build/src/fftools/ffmpeg.c:4988:11
>> #5 0x7fe35197f0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
>> #6 0x42033d in _start (/home/r1/ffmpeg/ffmpeg_4.4.1+0x42033d)
>>
>> Reported-by: TOTE Robot <oslab at tsinghua.edu.cn>
>> Signed-off-by: Yu Yang <young_chelsea at 163.com>
>> ---
>> fftools/ffmpeg_opt.c | 9 +++++----
>> 1 file changed, 5 insertions(+), 4 deletions(-)
>>
>> diff --git a/fftools/ffmpeg_opt.c b/fftools/ffmpeg_opt.c
>> index a27263b879..a9fc54d948 100644
>> --- a/fftools/ffmpeg_opt.c
>> +++ b/fftools/ffmpeg_opt.c
>> @@ -1197,10 +1197,11 @@ static int open_input_file(OptionsContext *o, const char *filename)
>> /* If not enough info to get the stream parameters, we decode the
>> first frames to get it. (used in mpeg case for example) */
>> ret = avformat_find_stream_info(ic, opts);
>> -
>> - for (i = 0; i < orig_nb_streams; i++)
>> - av_dict_free(&opts[i]);
>> - av_freep(&opts);
>> + if (opts){
>> + for (i = 0; i < orig_nb_streams; i++)
>> + av_dict_free(&opts[i]);
>> + av_freep(&opts);
>> + }
>>
>> if (ret < 0) {
>> av_log(NULL, AV_LOG_FATAL, "%s: could not find codec parameters\n", filename);
>>
>
> You should instead check setup_find_stream_info_opts() (either only call
> it if orig_nb_streams is > 0 or modify it to return an error code given
> that it can currently return NULL even on nonerror).
Thanks for your advice, i will try to fix it again.
>
> - Andreas
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
More information about the ffmpeg-devel
mailing list