From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Tue, 11 Jan 2022 14:45:36 +0100
To: ffmpeg-devel@ffmpeg.org
References: <20220111134038.42085-1-yshaw1999@163.com>
From: Andreas Rheinhardt
In-Reply-To: <20220111134038.42085-1-yshaw1999@163.com>
Subject: Re: [FFmpeg-devel] [PATCH] avformat/asfdec_f: init avpacket by av_packet_alloc()
List-Id: FFmpeg development discussions and patches

yshaw1999@163.com:
> From: Yang Xiao
>
> Pointer member side_data of AVPacket that allocated by stack may be wild pointer.
> Prevent releasing wild pointers in AVPacket when some functions try to call av_packet_unref()
> --- > libavformat/asfdec_f.c | 10 ++++++++-- > 1 file changed, 8 insertions(+), 2 deletions(-) > > diff --git a/libavformat/asfdec_f.c b/libavformat/asfdec_f.c > index a8f36ed286..605d9f53a1 100644 > --- a/libavformat/asfdec_f.c > +++ b/libavformat/asfdec_f.c
> @@ -1433,7 +1433,9 @@ static int64_t asf_read_pts(AVFormatContext *s, int stream_index, > { > FFFormatContext *const si = ffformatcontext(s); > ASFContext *asf = s->priv_data; > - AVPacket pkt1, *pkt = &pkt1; > + AVPacket *pkt = av_packet_alloc(); > + if(!pkt) > + return AVERROR(ENOMEM); > ASFStream *asf_st; > int64_t pts; > int64_t pos = *ppos; > @@ -1448,13 +1450,16 @@ static int64_t asf_read_pts(AVFormatContext *s, int stream_index, > s->packet_size * s->packet_size + > si->data_offset; > *ppos = pos; > - if (avio_seek(s->pb, pos, SEEK_SET) < 0) > + if (avio_seek(s->pb, pos, SEEK_SET) < 0) { > + av_packet_free(&pkt); > return AV_NOPTS_VALUE; > + } > > ff_read_frame_flush(s); > asf_reset_header(s); > for (;;) { > if (av_read_frame(s, pkt) < 0) { > + av_packet_free(&pkt); > av_log(s, AV_LOG_INFO, "asf_read_pts failed\n"); > return AV_NOPTS_VALUE; > } > @@ -1483,6 +1488,7 @@ static int64_t asf_read_pts(AVFormatContext *s, int stream_index, > } > > *ppos = pos; > + av_packet_free(&pkt); > return pts; > } > >

To repeat myself: Do you have FF_API_INIT_PACKET set to 0 (it should still be set to 1)? Because av_read_frame() is supposed to (and documented to) treat the packet it is given as uninitialized.

- Andreas
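
Review bot: In the first hunk (@@ -1433), the allocation-failure path returns AVERROR(ENOMEM) from a function declared to return int64_t, while every other failure path visible in this patch returns AV_NOPTS_VALUE; a caller that only compares against AV_NOPTS_VALUE would take the negative error code as a timestamp. Suggest `return AV_NOPTS_VALUE;` there, or confirm that the callers handle negative error codes. The `if(!pkt)` check also sits in the middle of the declaration block (`ASFStream *asf_st;` follows it), so it places declarations after a statement; move the check below the declarations and write it as `if (!pkt)`.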
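
Review bot: In the second hunk (@@ -1448), the avio_seek() failure path needs `av_packet_free(&pkt);` and the added braces only because the packet is allocated at the top of the function, before anything uses it. Declaring `AVPacket *pkt;` with the other locals and assigning it from av_packet_alloc() after the seek check, just before `ff_read_frame_flush(s);`, would leave this early return unchanged and remove one place where a free can be forgotten.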
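
Review bot: In the last hunk (@@ -1483), the `av_packet_free(&pkt);` before `return pts;` covers only the normal exit, and the loop body between the av_read_frame() check and this point is not part of the diff. Please confirm there is no other `return` in that loop that would now leak `pkt`, or route all exits through a single cleanup label so the free appears once.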