isom: Uninit layout in ff_mp4_read_dec_config_descr()

James Almer Mon, 01 Apr 2024 14:33:21 -0700

On 4/1/2024 5:56 PM, Michael Niedermayer wrote:

Fixes: memleak
Fixes: 
67442/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-5068813261406208


Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
---
  libavformat/isom.c | 1 +
  1 file changed, 1 insertion(+)

diff --git a/libavformat/isom.c b/libavformat/isom.c
index 9fbccd4437f..c5930bd4d87 100644
--- a/libavformat/isom.c
+++ b/libavformat/isom.c
@@ -359,6 +359,7 @@ int ff_mp4_read_dec_config_descr(AVFormatContext *fc, 
AVStream *st, AVIOContext
                                                  st->codecpar->extradata_size, 
1, fc);
              if (ret < 0)
                  return ret;
+            av_channel_layout_uninit(&st->codecpar->ch_layout);
              st->codecpar->ch_layout.order = AV_CHANNEL_ORDER_UNSPEC;

Not strictly related to this fix, but should we really drop the layouthere by forcing unspec? We're also not even bothering to check ifcfg.channels matches st->codecpar->ch_layout.nb_channels.

              st->codecpar->ch_layout.nb_channels = cfg.channels;
              if (cfg.object_type == 29 && cfg.sampling_index < 3) // old mp3on4

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH 1/6] avformat/isom: Uninit layout in ff_mp4_read_dec_config_descr()

Reply via email to