ffmpeg | branch: master | Mark Thompson <s...@jkqxz.net> | Wed May 14 21:47:00 2025 +0100| [88f2ccdf16b7aa7c47d3683eabcc58ba9a247f24] | committer: Mark Thompson
cbs_apv: Fix memory leak on metadata parse failure Buffers are allocated inside some metadata types, so we must ensure that the object is visible to the free function before a parse failure. Found by libFuzzer. > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=88f2ccdf16b7aa7c47d3683eabcc58ba9a247f24 --- libavcodec/cbs_apv_syntax_template.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/cbs_apv_syntax_template.c b/libavcodec/cbs_apv_syntax_template.c index ca66349141..fc8a08ff31 100644 --- a/libavcodec/cbs_apv_syntax_template.c +++ b/libavcodec/cbs_apv_syntax_template.c @@ -543,11 +543,11 @@ static int FUNC(metadata)(CodedBitstreamContext *ctx, RWContext *rw, return AVERROR_INVALIDDATA; } + current->metadata_count = p + 1; + CHECK(FUNC(metadata_payload)(ctx, rw, pl)); metadata_bytes_left -= pl->payload_size; - - current->metadata_count = p + 1; if (metadata_bytes_left == 0) break; } _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
