Fixes: integer overflow Fixes: inconsistent frame dimensions Fixes: 10454/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RASC_fuzzer-5656301162463232
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> --- libavcodec/rasc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/rasc.c b/libavcodec/rasc.c index eb021681c6..e8e0740ddd 100644 --- a/libavcodec/rasc.c +++ b/libavcodec/rasc.c @@ -95,10 +95,10 @@ static int init_frames(AVCodecContext *avctx) int ret; av_frame_unref(s->frame1); + av_frame_unref(s->frame2); if ((ret = ff_get_buffer(avctx, s->frame1, 0)) < 0) return ret; - av_frame_unref(s->frame2); if ((ret = ff_get_buffer(avctx, s->frame2, 0)) < 0) return ret; -- 2.19.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
