wc3_read_header() might fail after having read some data into a packet in which case this data would leak. Fix this by setting the AVFMT_HEADER_CLEANUP flag that ensures that the demuxer's read_close function is called (it unrefs the packet) if reading the header failed.
Fixes: memleak Fixes: 23660/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6007508031504384 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com> --- Michael, can you confirm that this fixes the memleak? libavformat/wc3movie.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libavformat/wc3movie.c b/libavformat/wc3movie.c index 6577007777..ebe2196052 100644 --- a/libavformat/wc3movie.c +++ b/libavformat/wc3movie.c @@ -299,6 +299,7 @@ static int wc3_read_close(AVFormatContext *s) AVInputFormat ff_wc3_demuxer = { .name = "wc3movie", .long_name = NULL_IF_CONFIG_SMALL("Wing Commander III movie"), + .flags = AVFMT_HEADER_CLEANUP, .priv_data_size = sizeof(Wc3DemuxContext), .read_probe = wc3_probe, .read_header = wc3_read_header, -- 2.20.1 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
