[FFmpeg-devel] [PATCH] mov: Fix leaking memory with multiple drefs.

dalecurtis at chromium.org dalecurtis at chromium.org
Fri Apr 13 02:56:57 CEST 2012

From: Dale Curtis <dalecurtis at chromium.org>

Instead of allocating over the original, free first. MOVStreamContext
is zero initialized so no double free will occur. Same style as other
fixes for the same problem in this file.

Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
 libavformat/mov.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index b4ff1df..7075033 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -400,6 +400,7 @@ static int mov_read_dref(MOVContext *c, AVIOContext *pb, MOVAtom atom)
     entries = avio_rb32(pb);
     if (entries >= UINT_MAX / sizeof(*sc->drefs))
         return AVERROR_INVALIDDATA;
+    av_free(sc->drefs);
     sc->drefs = av_mallocz(entries * sizeof(*sc->drefs));
     if (!sc->drefs)
         return AVERROR(ENOMEM);

More information about the ffmpeg-devel mailing list