From: Pierre-Anthony Lemieux <pal@sandflow.com>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: Re: [FFmpeg-devel] [PATCH v1] avformat/imf: fix bad free() when directory name of the input url is empty
Date: Tue, 4 Jan 2022 17:44:31 -0800
Message-ID: <CAF_7JxBk6N2uXZ7WcTYi4WxQiD60pTgqP79npDvq=zYYF9NgFQ@mail.gmail.com> (raw)
In-Reply-To: <c68d76cb-fda4-a0de-58a5-303e3a53d2c0@zanevaniperen.com>
On Tue, Jan 4, 2022 at 5:39 PM Zane van Iperen <zane@zanevaniperen.com> wrote:
>
>
>
> On 4/1/22 01:59, pal@sandflow.com wrote:
> > From: Pierre-Anthony Lemieux <pal@palemieux.com>
> >
> > Signed-off-by: Pierre-Anthony Lemieux <pal@palemieux.com>
> > ---
> >
> > Notes:
> > Found through manual fuzzing.
> >
> > libavformat/imfdec.c | 6 +++++-
> > 1 file changed, 5 insertions(+), 1 deletion(-)
> >
> > diff --git a/libavformat/imfdec.c b/libavformat/imfdec.c
> > index f17064cfcd..4e42db8d30 100644
> > --- a/libavformat/imfdec.c
> > +++ b/libavformat/imfdec.c
> > @@ -622,11 +622,15 @@ static int imf_read_header(AVFormatContext *s)
> > int ret = 0;
> >
> > c->interrupt_callback = &s->interrupt_callback;
> > +
> > tmp_str = av_strdup(s->url);
> > if (!tmp_str)
> > return AVERROR(ENOMEM);
> > + c->base_url = av_strdup(av_dirname(tmp_str));
>
> Is the second av_strdup() here required? You've already done it above
> and av_dirname() just sticks a '\0' at the last separator,
This is what I thought.
> so it should
> be safe to remove it:
As I understand it, av_dirname() actually returns a pointer to its own
"." string when the input is either empty or does not contain, in
which case we must make a copy.
>
> if (!(c->base_url = av_strdup(s->url)))
> return AVERROR(ENOMEM);
>
> c->base_url = av_dirname(c->base_url);
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2022-01-05 1:44 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-03 15:59 pal
2022-01-05 1:38 ` Zane van Iperen
2022-01-05 1:44 ` Pierre-Anthony Lemieux [this message]
2022-01-05 2:30 ` Zane van Iperen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAF_7JxBk6N2uXZ7WcTYi4WxQiD60pTgqP79npDvq=zYYF9NgFQ@mail.gmail.com' \
--to=pal@sandflow.com \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git