[FFmpeg-devel] [PATCH] lavf/tee: fix side data double free.
wm4
nfxjfg at googlemail.com
Sat Oct 10 19:05:27 CEST 2015
On Sat, 10 Oct 2015 15:19:43 +0200
Nicolas George <george at nsup.org> wrote:
> Similar to 33fefdb44.
> Fix trac ticket #4921.
>
> Signed-off-by: Nicolas George <george at nsup.org>
> ---
> libavformat/tee.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/libavformat/tee.c b/libavformat/tee.c
> index c619eae..a86952b 100644
> --- a/libavformat/tee.c
> +++ b/libavformat/tee.c
> @@ -403,6 +403,8 @@ static int filter_packet(void *log_ctx, AVPacket *pkt,
> }
>
> if (ret > 0) {
> + pkt->side_data = NULL;
> + pkt->side_data_elems = 0;
> av_free_packet(pkt);
> new_pkt.buf = av_buffer_create(new_pkt.data, new_pkt.size,
> av_buffer_default_free, NULL, 0);
This looks suspicious. Like some code above this does unclean tricks
with keeping side-data somehow referenced, instead of using proper
methods like creating a new AVPacket reference.
More information about the ffmpeg-devel
mailing list