[FFmpeg-devel] [PATCH] avcodec/nvenc: fix NULL pointer dereference
Zhao Zhili
quinkblack at foxmail.com
Tue Feb 28 17:03:34 EET 2023
> From: ffmpeg-devel <ffmpeg-devel-bounces at ffmpeg.org> On Behalf Of Timo Rothenpieler
> Sent: 2023年2月28日 22:37
> To: ffmpeg-devel at ffmpeg.org
> Subject: Re: [FFmpeg-devel] [PATCH] avcodec/nvenc: fix NULL pointer dereference
>
> On 28.02.2023 19:43, Zhao Zhili wrote:
> > From: Zhao Zhili <zhilizhao at tencent.com>
> >
> > This can happen if encoder init failed before setup the queue, then
> > reorder_queue_flush() is called by close().
> >
> > Fix ticket #10221
> >
> > Signed-off-by: Zhao Zhili <zhilizhao at tencent.com>
> > ---
> > libavcodec/nvenc.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/libavcodec/nvenc.c b/libavcodec/nvenc.c
> > index 8a28454042..dda2dc3ba1 100644
> > --- a/libavcodec/nvenc.c
> > +++ b/libavcodec/nvenc.c
> > @@ -178,6 +178,8 @@ static void reorder_queue_flush(AVFifo *queue)
> > {
> > FrameData fd;
> >
> > + if (!queue)
> > + return;
> > while (av_fifo_read(queue, &fd, 1) >= 0)
> > av_buffer_unref(&fd.frame_opaque_ref);
> > }
>
> This should probably be an assert0, and the function should not be
> called to begin with if the queue is NULL.
I can move the check from here to close(). assert is helpful if it can catch
bugs during development. It doesn't help much here since this is a rare case
which doesn't triggered during development.
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
More information about the ffmpeg-devel
mailing list