[FFmpeg-devel] [PATCH] avcodec/mfenc: fix double-free on init failure
Martin Storsjö
martin at martin.st
Sat Jan 21 23:58:32 EET 2023
On Fri, 20 Jan 2023, Cameron Gutman wrote:
> mfenc sets FF_CODEC_CAP_INIT_CLEANUP, so calling mf_close() on
> failure inside mf_init() results in a double-free.
>
> Signed-off-by: Cameron Gutman <aicommander at gmail.com>
> ---
> libavcodec/mfenc.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/libavcodec/mfenc.c b/libavcodec/mfenc.c
> index 36a6d8482d..f3415df10b 100644
> --- a/libavcodec/mfenc.c
> +++ b/libavcodec/mfenc.c
> @@ -1214,7 +1214,6 @@ static int mf_init(AVCodecContext *avctx)
> return 0;
> }
> }
> - mf_close(avctx);
> return ret;
> }
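Review bot: after this removal the failure path ending in "return ret;" in mf_init() has no local cleanup, so freeing there depends entirely on FF_CODEC_CAP_INIT_CLEANUP staying set for this encoder, as the commit message says. A one-line comment at that return stating that the generic code calls mf_close() on init failure would keep the call from being added back, or the flag from being dropped without restoring the cleanup. The commit message could also name which members were released twice, since the hunk does not show them.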
This change looks correct to me - thanks for that!
However I think it'd be even nicer if we could make mf_close safe to call
multiple times at the same time (but the duplicate call should of course
still be removed); if we'd reset c->codec_api and c->async_events to NULL,
it would be safe to call multiple times, right?
// Martin
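The suggestion in the reply above, modelled as an added example (not FFmpeg's mfenc code): FakeObj, EncCtx and all function names are hypothetical, and only the field names codec_api and async_events come from the message. It counts releases that would land on an already-released object when a failing init and the generic cleanup both call close.

```c
#include <stdio.h>

/* Constructed stand-in for a reference-counted object such as a COM interface. */
typedef struct { int refs; int over_released; } FakeObj;

static void fake_release(FakeObj *o)
{
    if (o->refs == 0) { o->over_released++; return; } /* real object: already freed */
    o->refs--;
}

/* Hypothetical context; the two field names come from the reply above. */
typedef struct { FakeObj *codec_api; FakeObj *async_events; } EncCtx;

/* Model of a close that releases but leaves the pointers set. */
static void close_no_reset(EncCtx *c)
{
    if (c->codec_api)    fake_release(c->codec_api);
    if (c->async_events) fake_release(c->async_events);
}

/* Model of the suggested close: release, then reset to NULL. */
static void close_idempotent(EncCtx *c)
{
    if (c->codec_api)    { fake_release(c->codec_api);    c->codec_api = NULL; }
    if (c->async_events) { fake_release(c->async_events); c->async_events = NULL; }
}

/* Simulates a failing init under an init-cleanup contract: the generic
 * layer always calls close on failure; init_calls_close models the line
 * the patch removes. Returns the number of releases on dead objects. */
static int over_releases_on_failed_init(void (*close_fn)(EncCtx *), int init_calls_close)
{
    FakeObj api = { 1, 0 }, ev = { 1, 0 };
    EncCtx c = { &api, &ev };
    if (init_calls_close)
        close_fn(&c);   /* cleanup inside init */
    close_fn(&c);       /* cleanup by the generic layer */
    return api.over_released + ev.over_released;
}

int main(void)
{
    printf("no reset, init also closes: %d\n", over_releases_on_failed_init(close_no_reset, 1));
    printf("no reset, patch applied:    %d\n", over_releases_on_failed_init(close_no_reset, 0));
    printf("idempotent, init closes:    %d\n", over_releases_on_failed_init(close_idempotent, 1));
    return 0;
}
```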