From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.ffmpeg.org (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTPS id A0D744E789
	for <ffmpegdev@gitmailbox.com>; Wed, 11 Jun 2025 17:53:47 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.ffmpeg.org (Postfix) with ESMTP id 26B6868B722;
	Wed, 11 Jun 2025 20:53:43 +0300 (EEST)
Received: from mail-wm1-f43.google.com (mail-wm1-f43.google.com
 [209.85.128.43])
 by ffbox0-bg.ffmpeg.org (Postfix) with ESMTPS id 5AD58687CAC
 for <ffmpeg-devel@ffmpeg.org>; Wed, 11 Jun 2025 20:53:37 +0300 (EEST)
Received: by mail-wm1-f43.google.com with SMTP id
 5b1f17b1804b1-43cfe63c592so452465e9.2
 for <ffmpeg-devel@ffmpeg.org>; Wed, 11 Jun 2025 10:53:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1749664416; x=1750269216; darn=ffmpeg.org;
 h=content-transfer-encoding:mime-version:message-id:date:subject:to
 :from:from:to:cc:subject:date:message-id:reply-to;
 bh=rYiwl6lbLej0/dWKkcK3cfB9YZITF1+VRktfUbI8y2Q=;
 b=SLjzFgOTviryd4y/3uDP5l25LNf9093ALVAkfPr2Z0zbIU3sAlhGMFF+pUir4IEVi1
 h2ppRHrChxG0jg8jQzCR5A1vvPzjkJYfAQ/eWK0HWeclMxXeHjxT6sNt/s2wQaIpMy4w
 styVjxShNcXc5aOY1o3i4Li7DYcGp38yvFzgG8V0vqZcdnbpOMi5gwhqe/9EfXjmcYK6
 DR/oTH1JAmHzKPT+LCjrcGHCcQDeipp+LNRi4NCuidkHiEnMtlux4gf9DabjM3/sezCZ
 OoYpm37GM4YE2KeSuQY0v6WdwJLeR9F4PVzhAayzaqHU5Z1M0orA1H3CD4Q5NtNiTInX
 XoIg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1749664416; x=1750269216;
 h=content-transfer-encoding:mime-version:message-id:date:subject:to
 :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=rYiwl6lbLej0/dWKkcK3cfB9YZITF1+VRktfUbI8y2Q=;
 b=gmyQ2VLKyUzr136tWKL+aIqmK7XKv5FZFWWXmJI+AjfiMdvmBv1dClJbiGXqZjC0dS
 Ua5ANY2/qLugTtBsxfW/yn+gzsfqiwaAtdCWppSLD/HzSWqDy7ic9/bMn7rLuAM+9XMS
 fLE8DC/Hyn+YROQSn5zYAF81cvFwAqxC7tuWEJ24aVvRB/euXda1G1a3McfmLOCOluJ0
 iPiIxRe81R9D5Q/yhjhOVY1V+t1/mvdE7XaXzp02EV5E8HBApXB46+YG67vDf/2JqLi9
 3oAzYOHIrByqP9zfXeobzQDRj9WBFCqpns7GQ7BN5uJdOn/nFn4t9GzFeSdDjHUN+xLj
 ekYg==
X-Gm-Message-State: AOJu0YzZe8M/N0xZs0r/+aFpoqJ8rteSY130rLsaY6cR0n71SV2AHOOE
 E5/cfuzxO6JBb5bxZ47IpNFGdWbEttzThXEXcmRYuUlv16TyHZfb5b3NHQWHDw==
X-Gm-Gg: ASbGncsHHL+X7k5lEWGXg+/MiNSPRnwdyrDo/PJ9bNkWQvtpZJCjY020E2RF7zBhVV6
 +a6i3OjV3LekktG3KSsuf3tasAvrp55mqoTTq4sRanMDJ6fH8ldBCeQMGD8gcITGpGbHYVBalGQ
 rlI3VWS9TwRNnfwlLB1eqnjPrALXGy62xHYfLKqNU4oIgtKt/HeKXEb0S1WP959Ab40ly4ZXTlT
 fwK3x/Jrw7HUr2gF36aP94mSw1iPLZGKxJliVOCD6ThEtMFN98tIij0Sf43t4v+CyMYEJK3JLVs
 H3E5aRiYFxuvxR6z1dYHMejLKQpXjuBt/zieK5iF5EfFeRN1Ml+I9XwljuJoclXBvwJ+788mRyX
 pBu2DNM7Q4hjXyK0dY5+VbaYok5+jlr4xnp+4LTFp594nzF3XvKCEPU/GY5RX18x2YXv6rwqEzs
 5wLy2/
X-Google-Smtp-Source: AGHT+IEQTGre+VSMh7npQXqWw/dmyChsDLC77hZKI1yJB8hMNPNpr3dzxImOavRqYCXIkCeKjOHk1Q==
X-Received: by 2002:a05:600c:1c8c:b0:43c:f63c:babb with SMTP id
 5b1f17b1804b1-45324879e6emr31976565e9.1.1749664416474; 
 Wed, 11 Jun 2025 10:53:36 -0700 (PDT)
Received: from ArmedBeast.fritz.box
 (p200301023700450060f2a9d7350ce887.dip0.t-ipconnect.de.
 [2003:102:3700:4500:60f2:a9d7:350c:e887])
 by smtp.gmail.com with ESMTPSA id
 5b1f17b1804b1-453251712d8sm27879185e9.15.2025.06.11.10.53.35
 for <ffmpeg-devel@ffmpeg.org>
 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256);
 Wed, 11 Jun 2025 10:53:35 -0700 (PDT)
From: Marvin Scholz <epirat07-at-gmail.com@ffmpeg.org>
To: ffmpeg-devel@ffmpeg.org
Date: Wed, 11 Jun 2025 19:53:29 +0200
Message-Id: <20250611175329.90644-1-epirat07@gmail.com>
X-Mailer: git-send-email 2.39.5 (Apple Git-154)
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH] avcodec/vvc/dec: fix possible null-pointer
 dereference
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/20250611175329.90644-1-epirat07@gmail.com/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

When checking for filmgrain here, needs_fg can be true even when
film_grain_characteristics is NULL (when aom_film_grain.enable is true),
therefore this check could end up dereferencing film_grain_characteristics
even though it is NULL.

Fix CID 1648347
---
 libavcodec/vvc/dec.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavcodec/vvc/dec.c b/libavcodec/vvc/dec.c
index aba31b94fe..7930d64a05 100644
--- a/libavcodec/vvc/dec.c
+++ b/libavcodec/vvc/dec.c
@@ -770,7 +770,8 @@ static int check_film_grain(VVCContext *s, VVCFrameContext *fc)
         !s->avctx->hwaccel;
 
     if (fc->ref->needs_fg &&
-        (fc->sei.common.film_grain_characteristics->present &&
+        (fc->sei.common.film_grain_characteristics &&
+         fc->sei.common.film_grain_characteristics->present &&
             !ff_h274_film_grain_params_supported(fc->sei.common.film_grain_characteristics->model_id,
                 fc->ref->frame->format) ||
             !av_film_grain_params_select(fc->ref->frame))) {
-- 
2.39.5 (Apple Git-154)

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".