ffmpeg | branch: master | Andreas Cadhalpun <andreas.cadhal...@googlemail.com> | Fri Nov 4 23:33:02 2016 +0100| [43de8b328b62cf21ec176c3989065168da471a5f] | committer: Luca Barbato
lzf: update pointer p after realloc This fixes heap-use-after-free detected by AddressSanitizer. Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> Signed-off-by: Luca Barbato <lu_z...@gentoo.org> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=43de8b328b62cf21ec176c3989065168da471a5f --- libavcodec/lzf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/lzf.c b/libavcodec/lzf.c index 35b932b..0329fe0 100644 --- a/libavcodec/lzf.c +++ b/libavcodec/lzf.c @@ -53,6 +53,7 @@ int ff_lzf_uncompress(GetByteContext *gb, uint8_t **buf, int64_t *size) ret = av_reallocp(buf, *size); if (ret < 0) return ret; + p = *buf + len; } bytestream2_get_buffer(gb, p, s); @@ -75,6 +76,7 @@ int ff_lzf_uncompress(GetByteContext *gb, uint8_t **buf, int64_t *size) ret = av_reallocp(buf, *size); if (ret < 0) return ret; + p = *buf + len; } av_memcpy_backptr(p, off, l); _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
