From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
To: michael@niedermayer.cc
Cc: Jiasheng Jiang <jiasheng@iscas.ac.cn>, ffmpeg-devel@ffmpeg.org
Subject: Re: [FFmpeg-devel] [PATCH v2] avformat/nutdec: Add check for avformat_new_stream
Date: Tue, 22 Feb 2022 10:06:42 +0800
Message-ID: <20220222020642.2317083-1-jiasheng@iscas.ac.cn> (raw)
Michael Niedermayer:
>> diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c
>> index 0a8a700acf..4cbccb20d9 100644
>> --- a/libavformat/nutdec.c
>> +++ b/libavformat/nutdec.c
>> @@ -220,6 +220,10 @@ static int decode_main_header(NUTContext *nut)
>> }
>>
>> GET_V(nut->time_base_count, tmp > 0 && tmp < INT_MAX / sizeof(AVRational) && tmp < length/2);
>> +
>> + if (nut->time_base_count > NUT_MAX_STREAMS)
>> + return AVERROR_INVALIDDATA;
>
> the code already checks against length/2. If you want to add to that
> that should be done at the same level and
> such a change should explain why the existing check is insufficent as
> well as why the new is correct
> and it should be in a patch seperate from other changes
> also a file with NUT_MAX_STREAMS streams could use more timebases in principle
> timebases need a lot less space than streams so they could have a slightly
> higher limit
Thanks, I will remove the check in v3.
>> +
>> nut->time_base = av_malloc_array(nut->time_base_count, sizeof(AVRational));
>> if (!nut->time_base)
>> return AVERROR(ENOMEM);
>> @@ -351,8 +355,13 @@ static int decode_main_header(NUTContext *nut)
>> ret = AVERROR(ENOMEM);
>> goto fail;
>> }
>> - for (i = 0; i < stream_count; i++)
>> - avformat_new_stream(s, NULL);
>> + for (i = 0; i < stream_count; i++) {
>> + if (!avformat_new_stream(s, NULL)) {
>> + av_free(nut->stream);
>
> freeing something and not clearing the pointer is a bad idea in general
You are right.
I will change av_free to av_freep.
Jiang
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next reply other threads:[~2022-02-22 2:07 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-22 2:06 Jiasheng Jiang [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-02-16 8:48 Jiasheng Jiang
2022-02-16 8:40 Jiasheng Jiang
2022-02-17 15:07 ` Michael Niedermayer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220222020642.2317083-1-jiasheng@iscas.ac.cn \
--to=jiasheng@iscas.ac.cn \
--cc=ffmpeg-devel@ffmpeg.org \
--cc=michael@niedermayer.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git