From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 20C83402BA for ; Tue, 22 Feb 2022 02:07:01 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id D869168AF45; Tue, 22 Feb 2022 04:06:58 +0200 (EET) Received: from cstnet.cn (smtp21.cstnet.cn [159.226.251.21]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 9ABB368A43A for ; Tue, 22 Feb 2022 04:06:51 +0200 (EET) Received: from localhost.localdomain (unknown [124.16.138.126]) by APP-01 (Coremail) with SMTP id qwCowAAnLfkzRRRiS9hGAQ--.50412S2; Tue, 22 Feb 2022 10:06:44 +0800 (CST) From: Jiasheng Jiang To: michael@niedermayer.cc Date: Tue, 22 Feb 2022 10:06:42 +0800 Message-Id: <20220222020642.2317083-1-jiasheng@iscas.ac.cn> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-CM-TRANSID: qwCowAAnLfkzRRRiS9hGAQ--.50412S2 X-Coremail-Antispam: 1UD129KBjvJXoW7ZryxXr17GrWUtr13uFy3Jwb_yoW8XFy8p3 srAa97tFn7tF1xJryvqw4jqr18Jr18KFy5Krn0qr4UCFn8Zry5GFy0kFyFgF929rs0qF10 qFnIgFnIva4FyFJanT9S1TB71UUUUUUqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDU0xBIdaVrnRJUUUyK14x267AKxVWUJVW8JwAFc2x0x2IEx4CE42xK8VAvwI8IcIk0 rVWrJVCq3wAFIxvE14AKwVWUJVWUGwA2ocxC64kIII0Yj41l84x0c7CEw4AK67xGY2AK02 1l84ACjcxK6xIIjxv20xvE14v26ryj6F1UM28EF7xvwVC0I7IYx2IY6xkF7I0E14v26r4j 6F4UM28EF7xvwVC2z280aVAFwI0_Gr1j6F4UJwA2z4x0Y4vEx4A2jsIEc7CjxVAFwI0_Gr 1j6F4UJwAS0I0E0xvYzxvE52x082IY62kv0487Mc02F40EFcxC0VAKzVAqx4xG6I80ewAv 7VC0I7IYx2IY67AKxVWUJVWUGwAv7VC2z280aVAFwI0_Jr0_Gr1lOx8S6xCaFVCjc4AY6r 1j6r4UM4x0Y48IcxkI7VAKI48JM4x0x7Aq67IIx4CEVc8vx2IErcIFxwCF04k20xvY0x0E wIxGrwCFx2IqxVCFs4IE7xkEbVWUJVW8JwC20s026c02F40E14v26r1j6r18MI8I3I0E74 80Y4vE14v26r106r1rMI8E67AF67kF1VAFwI0_Jrv_JF1lIxkGc2Ij64vIr41lIxAIcVC0 I7IYx2IY67AKxVWUJVWUCwCI42IY6xIIjxv20xvEc7CjxVAFwI0_Jr0_Gr1lIxAIcVCF04 k26cxKx2IYs7xG6rW3Jr0E3s1lIxAIcVC2z280aVAFwI0_Jr0_Gr1lIxAIcVC2z280aVCY 1x0267AKxVWUJVW8JbIYCTnIWIevJa73UjIFyTuYvjfU5WlkUUUUU X-Originating-IP: [124.16.138.126] X-CM-SenderInfo: pmld2xxhqjqxpvfd2hldfou0/ Subject: Re: [FFmpeg-devel] [PATCH v2] avformat/nutdec: Add check for avformat_new_stream X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Jiasheng Jiang , ffmpeg-devel@ffmpeg.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Michael Niedermayer: >> diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c >> index 0a8a700acf..4cbccb20d9 100644 >> --- a/libavformat/nutdec.c >> +++ b/libavformat/nutdec.c >> @@ -220,6 +220,10 @@ static int decode_main_header(NUTContext *nut) >> } >> >> GET_V(nut->time_base_count, tmp > 0 && tmp < INT_MAX / sizeof(AVRational) && tmp < length/2); >> + >> + if (nut->time_base_count > NUT_MAX_STREAMS) >> + return AVERROR_INVALIDDATA; > > the code already checks against length/2. If you want to add to that > that should be done at the same level and > such a change should explain why the existing check is insufficent as > well as why the new is correct > and it should be in a patch seperate from other changes > also a file with NUT_MAX_STREAMS streams could use more timebases in principle > timebases need a lot less space than streams so they could have a slightly > higher limit Thanks, I will remove the check in v3. >> + >> nut->time_base = av_malloc_array(nut->time_base_count, sizeof(AVRational)); >> if (!nut->time_base) >> return AVERROR(ENOMEM); >> @@ -351,8 +355,13 @@ static int decode_main_header(NUTContext *nut) >> ret = AVERROR(ENOMEM); >> goto fail; >> } >> - for (i = 0; i < stream_count; i++) >> - avformat_new_stream(s, NULL); >> + for (i = 0; i < stream_count; i++) { >> + if (!avformat_new_stream(s, NULL)) { >> + av_free(nut->stream); > > freeing something and not clearing the pointer is a bad idea in general You are right. I will change av_free to av_freep. Jiang _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".