ffmpeg | branch: release/4.0 | Andreas Rheinhardt <[email protected]> | Sun Jun 14 09:19:38 2020 +0200| [ed1339dcb2590b011c35fa29122586fa2bc8b91e] | committer: Andreas Rheinhardt
avformat/mov: Fix memleak upon encountering repeating tags mov_read_custom tries to read three strings belonging to three different tags. When an already encountered tag is encountered again, a new buffer for the string to be read is allocated and stored in the pointer destined for this particular tag. But in this scenario, said pointer already holds the address of the string read earlier, leading to a leak. This commit therefore aborts the reading process upon encountering an already encountered tag. Signed-off-by: Andreas Rheinhardt <[email protected]> (cherry picked from commit dfef1d5e3cd4dfead84416a01e6c9ff0da50b34d) Signed-off-by: Andreas Rheinhardt <[email protected]> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ed1339dcb2590b011c35fa29122586fa2bc8b91e --- libavformat/mov.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libavformat/mov.c b/libavformat/mov.c index f8adbf6cd5..c3e391e0c1 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -4370,6 +4370,9 @@ static int mov_read_custom(MOVContext *c, AVIOContext *pb, MOVAtom atom) } else break; + if (*p) + break; + *p = av_malloc(len + 1); if (!*p) { ret = AVERROR(ENOMEM); _______________________________________________ ffmpeg-cvslog mailing list [email protected] https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email [email protected] with subject "unsubscribe".
