[FFmpeg-devel] [PATCH 1/1] Add null check for the frame pointer

Baozeng Ding sploving1 at gmail.com
Mon Jun 25 12:53:41 EEST 2018


Signed-off-by: Baozeng Ding <sploving1 at gmail.com>

The argument `frame` for avcodec_receive_frame function is user controlled. If
a null pointer is passed from the user, it will cause a segmentation fault.
---
 libavcodec/decode.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libavcodec/decode.c b/libavcodec/decode.c
index 6a3a4df1..689e90d 100644
--- a/libavcodec/decode.c
+++ b/libavcodec/decode.c
@@ -711,6 +711,7 @@ int attribute_align_arg avcodec_receive_frame(AVCodecContext *avctx, AVFrame *fr
     AVCodecInternal *avci = avctx->internal;
     int ret;
 
+    av_assert0(!frame);
     av_frame_unref(frame);
 
     if (!avcodec_is_open(avctx) || !av_codec_is_decoder(avctx->codec))
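Review bot: The condition in the added `av_assert0(!frame);` is inverted. It holds only when `frame` is NULL, so every call with a valid frame aborts, while a NULL `frame` passes the assert and still reaches `av_frame_unref(frame)` on the next line. It should read `av_assert0(frame);`. Also consider whether an assert is the right tool here: av_assert0 aborts the process, so a NULL argument from the caller still terminates the program, only as an abort rather than a segmentation fault. If the intent is to reject a bad argument gracefully, returning `AVERROR(EINVAL)` before the unref would do that, and the function's documentation should state that `frame` must be non-NULL.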
-- 
2.7.4


