> 2022年2月11日 上午10:01,James Almer <jamr...@gmail.com> 写道: > > On 2/10/2022 10:43 PM, Steven Liu wrote: >>> 2022年2月10日 下午8:27,James Almer <jamr...@gmail.com> 写道: >>> >>> On 2/10/2022 9:20 AM, Steven Liu wrote: >>>> because the src, src->hw_frames_ctx and src->hw_frames_ctx->data can be >>>> set to null when the user calling av_hwframe_transfer_data, this will >>>> get crash if they are null. >>> >>> src can not be NULL. The doxy doesn't allow it. >> Hi James, >> User call av_hwframe_transfer_data like this: >> av_hwframe_transfer_data(dst, NULL, 0); >> It will crash when dst->buf[0] is null. >> Because dst->buf[0] is null and src is null, it will call >> transfer_data_alloc, but the first line is ctx = >> (AVHWFramesContext*)src->hw_frames_ctx->data; in transfer_data_alloc, >> It using src->hw_frames_ctx. >> av_hwframe_transfer_data is av_*, it is API to user. >> Maybe this is not logic problem, looks like a security problem. > > I know what happens when you pass NULL as src argument. My point is that it's > not a security problem because that's an API violation and an explicitly > forbidden scenario: Neither src or dst can be NULL, and at least one of them > must have an AVHWFramesContext attached. Any application not following that > is faulty and buggy, and needs to be fixed. > > And you can get crashes by passing NULL arguments to lots of public libav* > functions, not just this one. Won’t we fix them?
Thanks Steven Liu _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
