[FFmpeg-devel] [PATCH] avutil/hwcontext: Don't assume frames_uninit is reentrant
徐浩宇
dawndreaming97 at gmail.com
Wed Oct 23 21:14:55 EEST 2024
I have discovered that the vulnerability addressed by commit 3bb00c0
<https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83c6fafee30270d69622ccad7>
also
affects the release/6.1 branch,but the fix has not yet been applied. Given
that there were relevant commits to the release/6.1 branch just two weeks
ago, I believe it is an active branch and should be properly patched.To
address this, I have created this patch for release/6.1 based on 3bb00c0
<https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83c6fafee30270d69622ccad7>
.
Signed-off-by: sprinkle <dawndreaming97 at gmail.com>
---
libavutil/hwcontext.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c
index 3650d46..0ef3479 100644
--- a/libavutil/hwcontext.c
+++ b/libavutil/hwcontext.c
@@ -363,7 +363,7 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
if (ctx->internal->hw_type->frames_init) {
ret = ctx->internal->hw_type->frames_init(ctx);
if (ret < 0)
- goto fail;
+ return ret;
}
if (ctx->internal->pool_internal && !ctx->pool)
@@ -373,14 +373,10 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
if (ctx->initial_pool_size > 0) {
ret = hwframe_pool_prealloc(ref);
if (ret < 0)
- goto fail;
+ return ret;
}
return 0;
-fail:
- if (ctx->internal->hw_type->frames_uninit)
- ctx->internal->hw_type->frames_uninit(ctx);
- return ret;
}
int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref,
--
2.7.4
More information about the ffmpeg-devel
mailing list