From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 2826A42A10 for ; Tue, 11 Jan 2022 02:30:43 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 1F3EF68AC71; Tue, 11 Jan 2022 04:30:41 +0200 (EET) Received: from mail-m975.mail.163.com (mail-m975.mail.163.com [123.126.97.5]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 7EC5568030F for ; Tue, 11 Jan 2022 04:30:33 +0200 (EET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=From:Subject:Date:Message-Id:MIME-Version; bh=pMRCy 1kGMJJ6ySeg7r4lWezHvoAgf19AUnOHm8d5bww=; b=bbclqyPy6NYLa+WMIzZSI f1fPgYy0jl4LszyMe2LDlvz7aJcEQCVYbgnX4YzZ7HNXjZS3tdE1upMNvHdASYPH oPGO5X97pBaprp3Z9pXN1cYSrAf5/l1P7YpKo4R6N74oEcUSX2DS034WEcZBTlmk TO8BQhYy9M/UUssfcADSY0= Received: from localhost.localdomain (unknown [103.107.216.225]) by smtp5 (Coremail) with SMTP id HdxpCgCngfHF69xhJMH2Ew--.27945S2; Tue, 11 Jan 2022 10:30:29 +0800 (CST) From: 13102179620@163.com To: ffmpeg-devel@ffmpeg.org Date: Tue, 11 Jan 2022 10:30:25 +0800 Message-Id: <20220111023025.72632-1-13102179620@163.com> X-Mailer: git-send-email 2.30.0 MIME-Version: 1.0 X-CM-TRANSID: HdxpCgCngfHF69xhJMH2Ew--.27945S2 X-Coremail-Antispam: 1Uf129KBjvdXoWrtrWxWw17WF1xXw1rKrW7urg_yoWftrX_Ka s3ArsrJryYyF9rtw1q9F4kJFW5Kw4kWFZavr15Zr9aq3yfX3s5Wa4kurs5X3Z5Jr4Yvrsx t34Skr1rJwna9jkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT 9fnUUvcSsGvfC2KfnxnUUI43ZEXa7IUb6BT7UUUUU== X-Originating-IP: [103.107.216.225] X-CM-SenderInfo: jprtiiisrxmlisq6il2tof0z/1tbipROFj1UMipTFPQABsC Subject: [FFmpeg-devel] [PATCH] avformat/asfdec: init avpacket by av_packet_alloc() X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Yang Xiao Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: From: Yang Xiao This commit fixed a crash when seeking wma frames, asf decoder will try to demux in function asf_read_pts(). Pointer member side_data of AVPacket that allocated by stack may be wild pointer. Prevent releasing wild pointers in AVPacket when some functions try to call av_packet_unref, example av_read_frame(). --- libavformat/asfdec_f.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/asfdec_f.c b/libavformat/asfdec_f.c index a8f36ed286..8cf953830e 100644 --- a/libavformat/asfdec_f.c +++ b/libavformat/asfdec_f.c @@ -1433,7 +1433,7 @@ static int64_t asf_read_pts(AVFormatContext *s, int stream_index, { FFFormatContext *const si = ffformatcontext(s); ASFContext *asf = s->priv_data; - AVPacket pkt1, *pkt = &pkt1; + AVPacket *pkt = av_packet_alloc(); ASFStream *asf_st; int64_t pts; int64_t pos = *ppos; -- 2.30.1 (Apple Git-130) _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".