[FFmpeg-devel] [PATCH] lavfi: fix use-after-free in ff_filter_frame.
Nicolas George
nicolas.george at normalesup.org
Tue Jan 8 12:57:56 CET 2013
Unlike the original ff_start_frame code, the incoming reference
may be freed before that point.
Fix CID966654.
Signed-off-by: Nicolas George <nicolas.george at normalesup.org>
---
libavfilter/avfilter.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavfilter/avfilter.c b/libavfilter/avfilter.c
index 4edd5be..8c06173 100644
--- a/libavfilter/avfilter.c
+++ b/libavfilter/avfilter.c
@@ -706,7 +706,7 @@ static int ff_filter_frame_framed(AVFilterLink *link, AVFilterBufferRef *frame)
} else
out = frame;
- while(cmd && cmd->time <= frame->pts * av_q2d(link->time_base)){
+ while(cmd && cmd->time <= out->pts * av_q2d(link->time_base)){
av_log(link->dst, AV_LOG_DEBUG,
"Processing command time:%f command:%s arg:%s\n",
cmd->time, cmd->command, cmd->arg);
--
1.7.10.4
More information about the ffmpeg-devel
mailing list