[FFmpeg-devel] [PATCH 1/4] lavu/opt: check for NULL before parsing

Lukasz Marek lukasz.m.luki2 at gmail.com
Mon Nov 10 06:22:07 CET 2014


On 10.11.2014 03:21, Michael Niedermayer wrote:
> On Sun, Nov 09, 2014 at 11:22:46PM +0100, Lukasz Marek wrote:
>> set_string_binary crashes with called with val=NULL
>>
>> Signed-off-by: Lukasz Marek <lukasz.m.luki2 at gmail.com>
>> ---
>>   libavutil/opt.c | 6 +++++-
>>   1 file changed, 5 insertions(+), 1 deletion(-)
>>
>> diff --git a/libavutil/opt.c b/libavutil/opt.c
>> index fca5354..bc62044 100644
>> --- a/libavutil/opt.c
>> +++ b/libavutil/opt.c
>> @@ -126,11 +126,15 @@ static int set_string_binary(void *obj, const AVOption *o, const char *val, uint
>>   {
>>       int *lendst = (int *)(dst + 1);
>>       uint8_t *bin, *ptr;
>> -    int len = strlen(val);
>> +    int len;
>>
>>       av_freep(dst);
>>       *lendst = 0;
>>
>> +    if (!val)
>> +        return AVERROR(EINVAL);
>
> this deallocates dest and then returns failure
> shouldnt it either not fail or not change the state of dst ?

Yes, it is inconsistent.  I changed to return 0.
Also, I added check for length 0 to avoid malloc returned some pointer 
for 0 bytes block.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-lavu-opt-check-for-NULL-before-parsing.patch
Type: text/x-patch
Size: 915 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20141110/9e0e75b9/attachment.bin>


More information about the ffmpeg-devel mailing list