[FFmpeg-cvslog] avformat/isom: free extradata on failure to read it

Michael Niedermayer git at videolan.org
Wed Dec 25 17:48:52 CET 2013


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Mon Dec 23 18:09:58 2013 +0100| [ac480cb58dbe7859c96a08e9e5cd3dd3b0fb0ae7] | committer: Michael Niedermayer

avformat/isom: free extradata  on failure to read it

Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f607d80f661_6965_mov00003.mqv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ac480cb58dbe7859c96a08e9e5cd3dd3b0fb0ae7
---

 libavformat/isom.c |    5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libavformat/isom.c b/libavformat/isom.c
index 8a85fe3..da789d6 100644
--- a/libavformat/isom.c
+++ b/libavformat/isom.c
@@ -460,8 +460,11 @@ int ff_mp4_read_dec_config_descr(AVFormatContext *fc, AVStream *st, AVIOContext
         av_free(st->codec->extradata);
         if (ff_alloc_extradata(st->codec, len))
             return AVERROR(ENOMEM);
-        if ((ret = avio_read(pb, st->codec->extradata, len)) != len)
+        if ((ret = avio_read(pb, st->codec->extradata, len)) != len) {
+            av_freep(&st->codec->extradata);
+            st->codec->extradata_size = 0;
             return ret < 0 ? ret : AVERROR_INVALIDDATA;
+        }
         if (st->codec->codec_id == AV_CODEC_ID_AAC) {
             MPEG4AudioConfig cfg = {0};
             avpriv_mpeg4audio_get_config(&cfg, st->codec->extradata,



More information about the ffmpeg-cvslog mailing list