From: Andreas Rheinhardt
Date: Tue, 15 Feb 2022 11:07:43 +0100
To: ffmpeg-devel@ffmpeg.org
Subject: Re: [FFmpeg-devel] [PATCH] avcodec/mlz: Add the check after calling av_mallocz
In-Reply-To: <20220215095908.1672123-1-jiasheng@iscas.ac.cn>

Jiasheng Jiang:
> Since the potential failure of memory allocation, the av_mallocz()
> may return NULL pointer if fails, which is assigned to 'mlz->dict'.
> And then 'mlz->dict' will be used in ff_mlz_flush_dict().
> Therefore, it should be better to check it and return error if fails
> in order to prevent the dereference of the NULL pointer.
> Also, the caller, the decode_init() needs to deal with the return value
> of ff_mlz_init_dict().
>
> Fixes: 2f7a12fab5 ("avcodec/mlz: clear dict on allocation to ensure there are no uninitialized values")

This is the wrong reference; there was an unchecked allocation before that, it was just an unchecked av_malloc_array instead of av_mallocz_array.

> Signed-off-by: Jiasheng Jiang
> --- > libavcodec/alsdec.c | 5 ++++- > libavcodec/mlz.c | 6 +++++- > libavcodec/mlz.h | 2 +- > 3 files changed, 10 insertions(+), 3 deletions(-) > > diff --git a/libavcodec/alsdec.c b/libavcodec/alsdec.c > index 9e1aaf065a..2fbb309d33 100644 > --- a/libavcodec/alsdec.c > +++ b/libavcodec/alsdec.c > @@ -2122,7 +2122,10 @@ static av_cold int decode_init(AVCodecContext *avctx) > goto fail; > } > > - ff_mlz_init_dict(avctx, ctx->mlz); > + ret = ff_mlz_init_dict(avctx, ctx->mlz); > + if (ret < 0) > + goto fail; > + > ff_mlz_flush_dict(ctx->mlz); > > for (c = 0; c < avctx->channels; ++c) { > diff --git a/libavcodec/mlz.c b/libavcodec/mlz.c > index dbeb7dcad9..b35607cc7c 100644 > --- a/libavcodec/mlz.c > +++ b/libavcodec/mlz.c > @@ -20,8 +20,10 @@ > > #include "mlz.h" > > -av_cold void ff_mlz_init_dict(void* context, MLZ *mlz) { > +av_cold int ff_mlz_init_dict(void* context, MLZ *mlz) { > mlz->dict = av_mallocz(TABLE_SIZE * sizeof(*mlz->dict)); > + if (!mlz->dict) > + return AVERROR(ENOMEM); > > mlz->flush_code = FLUSH_CODE; > mlz->current_dic_index_max = DIC_INDEX_INIT; 
> @@ -30,6 +32,8 @@ av_cold void ff_mlz_init_dict(void* context, MLZ *mlz) { > mlz->next_code = FIRST_CODE; > mlz->freeze_flag = 0; > mlz->context = context; > + > + return 0; > } > > av_cold void ff_mlz_flush_dict(MLZ *mlz) { > diff --git a/libavcodec/mlz.h b/libavcodec/mlz.h > index c3df52c9b4..01f8e78ec2 100644 > --- a/libavcodec/mlz.h > +++ b/libavcodec/mlz.h > @@ -57,7 +57,7 @@ typedef struct MLZ { > > /** Initialize the dictionary > */ > -void ff_mlz_init_dict(void* context, MLZ *mlz); > +int ff_mlz_init_dict(void* context, MLZ *mlz); > > /** Flush the dictionary > */

See https://ffmpeg.org/pipermail/ffmpeg-devel/2022-February/292904.html

- Andreas
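
Review bot: In the alsdec.c hunk (decode_init), the new `goto fail` on `ret < 0` depends on two things these lines do not show: that `ret` is already declared in decode_init, and that the `fail` path returns `ret` rather than a fixed error code, so the AVERROR(ENOMEM) from ff_mlz_init_dict actually reaches the caller. It is also worth confirming that the cleanup behind `fail` copes with `ctx->mlz` being allocated while `ctx->mlz->dict` is still NULL, since that is now the state in which it is entered.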
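
Review bot: In the mlz.h hunk, the doc comment above ff_mlz_init_dict still reads only "Initialize the dictionary" although the function now returns int; it should state the return contract (0 on success, a negative AVERROR code such as AVERROR(ENOMEM) on allocation failure). Because a void-to-int change compiles silently at any call site that ignores the result, marking the prototype with av_warn_unused_result would let the compiler flag callers that this patch does not touch.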