[FFmpeg-devel] [PATCH 1/2] fftools/ffmpeg_mux_init: Fix attachment_filename use-after-free
Anton Khirnov
anton at khirnov.net
Sun Feb 18 18:57:31 EET 2024
Quoting Andreas Rheinhardt (2024-02-18 16:10:06)
> The filename is freed with the OptionsContext and therefore
> there will be a use-after-free when reporting the filename
> in print_stream_maps(). So create a copy of the string.
>
> This is a regression since 8aed3911fc454e79697e183660bf30d31334a64b.
> fate-lavf-mkv_attachment exhibits it (and reports a random nonsense
> filename here), but this does not make the test fail (not even with
> valgrind; only with ASAN, as it aborts on use-after-free).
>
> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at outlook.com>
> ---
> fftools/ffmpeg.h | 2 +-
> fftools/ffmpeg_mux.c | 2 ++
> fftools/ffmpeg_mux_init.c | 10 +++++++++-
> 3 files changed, 12 insertions(+), 2 deletions(-)
Ok
--
Anton Khirnov
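
The lifetime problem described in the quoted commit message, reduced to a stand-alone C program. This is an added example, not part of the thread and not FFmpeg's code; `Options`, `Stream`, `stream_init` and `report_name` are hypothetical names, and the file name is a constructed sample. The borrowed path detects the aliasing and refuses to read the pointer instead of actually dereferencing freed memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins: Options owns its filename, Stream reports it later. */
typedef struct Options { char *filename; } Options;
typedef struct Stream  { char *attachment_filename; int owns_name; } Stream;

static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *d = malloc(n);
    return d ? memcpy(d, s, n) : NULL;
}

/* copy == 0: pre-fix pattern, the stream borrows the options' pointer.
 * copy == 1: post-fix pattern, the stream owns a private copy. */
static int stream_init(Stream *st, const Options *o, int copy)
{
    st->attachment_filename = copy ? dup_str(o->filename) : o->filename;
    st->owns_name = copy;
    return st->attachment_filename ? 0 : -1;
}

/* Same order as in the report: options freed first, name printed afterwards.
 * Returns 0 and fills out, or -1 if the stored pointer would dangle. */
static int report_name(int use_copy, char *out, size_t n)
{
    Options o = { dup_str("font.ttf") };   /* constructed sample name */
    Stream st = { NULL, 0 };
    if (!o.filename)
        return -1;
    int rc = stream_init(&st, &o, use_copy);
    int dangles = rc < 0 || st.attachment_filename == o.filename;
    free(o.filename);                      /* the options context goes away */
    if (!dangles)
        snprintf(out, n, "%s", st.attachment_filename);
    if (st.owns_name)
        free(st.attachment_filename);      /* the stream releases its copy */
    return dangles ? -1 : 0;
}

int main(void)
{
    char buf[32] = "";
    printf("borrowed: %d\n", report_name(0, buf, sizeof buf));
    printf("copied:   %d \"%s\"\n", report_name(1, buf, sizeof buf), buf);
    return 0;
}
```

Removing the `dangles` guard and building with `-fsanitize=address` makes the borrowed path abort on the read, which matches the commit message's observation that only ASAN turns this into a failure.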