[FFmpeg-devel] [PATCH] cbs_apv: Fix memory leak on metadata parse failure
Mark Thompson
sw at jkqxz.net
Wed May 14 23:50:25 EEST 2025
Buffers are allocated inside some metadata types, so we must ensure
that the object is visible to the free function before a parse failure.
Found by libFuzzer.
---
libavcodec/cbs_apv_syntax_template.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/cbs_apv_syntax_template.c b/libavcodec/cbs_apv_syntax_template.c
index ca66349141..fc8a08ff31 100644
--- a/libavcodec/cbs_apv_syntax_template.c
+++ b/libavcodec/cbs_apv_syntax_template.c
@@ -543,11 +543,11 @@ static int FUNC(metadata)(CodedBitstreamContext *ctx, RWContext *rw,
return AVERROR_INVALIDDATA;
}
+ current->metadata_count = p + 1;
+
CHECK(FUNC(metadata_payload)(ctx, rw, pl));
metadata_bytes_left -= pl->payload_size;
-
- current->metadata_count = p + 1;
if (metadata_bytes_left == 0)
break;
}
--
2.47.2
More information about the ffmpeg-devel
mailing list