From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 15736488B8 for ; Tue, 19 Dec 2023 14:17:06 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 8BDEE68D169; Tue, 19 Dec 2023 16:17:05 +0200 (EET) Received: from out162-62-58-216.mail.qq.com (out162-62-58-216.mail.qq.com [162.62.58.216]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 3B01268CDDF for ; Tue, 19 Dec 2023 16:16:58 +0200 (EET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foxmail.com; s=s201512; t=1702995409; bh=F0uIYGcKxDUxu4RPknep+GuyhCUThsdW2NIIlPkEU4o=; h=From:To:Cc:Subject:Date; b=x9yh2XUMQpMUUcmZ3VluC7ombkDm7dj5wYwdRKe02aBgpr3l7fRRCYx9nlDDZ1Ha/ mi9HrtIjQdfbbaeDJNm+52JUPVH7BTZfHzeoCHRGxJ0SFkZQ9kONFPC2BIQ30pyTUJ cRYqW18/gp0eGYplN+5vA+TWQvMn1JvHQevSWr6I= Received: from localhost.localdomain ([121.34.202.210]) by newxmesmtplogicsvrsza10-0.qq.com (NewEsmtp) with SMTP id 430B9A3D; Tue, 19 Dec 2023 22:16:48 +0800 X-QQ-mid: xmsmtpt1702995408tj3j100ne Message-ID: X-QQ-XMAILINFO: N2/jAoEINgTT1aXRTY/VYC3z1POePMGFllsuaU7z3SblPgz6qAuzlbX+7Op05W hWtE3yRoP7cvUfCel9clCaUNusJPp7ynAkookntW1O0AznYkW58TFAoGLv4WraT4Ov3RN+qq0XqE uuRs0whG4fY22rToY8xdPqRVwj6x+00JAKp8TUzozfs9/NL1XDzgvmdOSsN9JVKpnvn8Zfq4kgyp XQDYLdI3+W1YU89TGsLWLQuog2k9EK3D4OQjYxPWdqY/sosMmj5ISMjfMQMuNMoF/pCj7Opmz1Gm snPZ01GR5Y/+ZlHamM6vkXbeOwyQ0gmziWux4v+5dMzg/umyrpU6pzduthSnp2zQxgkwBhrJCHPP 0IHdnKvGKGh/cLYeMxcrY3aNiobpnOq6mjnyc+ZexJX09GbqL5B3f75mEHAyyPEkR5xS9ToY7hOG 3LuVPn/qLQO8KxFyHlgFf6tkxE77xVI0FtM3wsz56jKUE6OLEsDnBUNLl3MzNl/oBo3Rph4ETDUw Y6x5s/YvwucWc0SgaZxnTJ/mVFfD/VvlIP0E6xlUn+JsEU6be2qI43z3WoOkkp/lPuVDTfwNLnnT LZA9X0p9frcA6ENAnzwt3jOkCoBRs0cSTPR46Qs7U04piJC2gQAdwMV4bKrrZ+1hd3z+wtKjEguI Z3lTcVRzxwMjuzjNpnO+Xt4sn6VkRDs97uTflMikl2oSKLEg+HU/Kp0tziBY+5Yf38skMJ/mmB1n lVvO4aBIPjM/5Wu9J3/868b9AETA89vdTJnmn86Gw5njMOGtjp4oxJLNUmPqbRmBVLYiS5qYaWEl YZZobQfKUAg0BUsg+DKUrkoLdMDcE7qRbCaz/KaDqLhcP8syp3qQScx0cepEhaUUYQLslXiQgSTp euSVKXK3YEittluwzaJsYqUr5+RLDFhbFPBPU6n0TeO5qQh6ezvlDnEGlhbi1dKJzAANS8OrNzak P+0ZaWXFmfwDqnQY8y5wK5p4oNMx6K4BYYTaSAb5gzQPT9Eq8wWg== X-QQ-XMRINFO: M/715EihBoGSf6IYSX1iLFg= From: Zhao Zhili To: ffmpeg-devel@ffmpeg.org Date: Tue, 19 Dec 2023 22:16:43 +0800 X-OQ-MSGID: <20231219141643.212131-1-quinkblack@foxmail.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH v3 1/3] fftools/ffmpeg_filter: fix NULL pointer dereference X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Zhao Zhili Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: From: Zhao Zhili In close_output(), a dummy frame is created with format NONE passed to enc_open(), which doesn't prepare for it. The NULL pointer dereference happened at av_pix_fmt_desc_get(enc_ctx->pix_fmt)->comp[0].depth. When fgt.graph is NULL, skip fg_output_frame() since there is nothing to output. frame #0: 0x0000005555bc34a4 ffmpeg_g`enc_open(opaque=0xb400007efe2db690, frame=0xb400007efe2d9f70) at ffmpeg_enc.c:235:44 frame #1: 0x0000005555bef250 ffmpeg_g`enc_open(sch=0xb400007dde2d4090, enc=0xb400007e4e2daad0, frame=0xb400007efe2d9f70) at ffmpeg_sched.c:1462:11 frame #2: 0x0000005555bee094 ffmpeg_g`send_to_enc(sch=0xb400007dde2d4090, enc=0xb400007e4e2daad0, frame=0xb400007efe2d9f70) at ffmpeg_sched.c:1571:19 frame #3: 0x0000005555bee01c ffmpeg_g`sch_filter_send(sch=0xb400007dde2d4090, fg_idx=0, out_idx=0, frame=0xb400007efe2d9f70) at ffmpeg_sched.c:2154:12 frame #4: 0x0000005555bcf124 ffmpeg_g`close_output(ofp=0xb400007e4e2d85b0, fgt=0x0000007d1790eb08) at ffmpeg_filter.c:2225:15 frame #5: 0x0000005555bcb000 ffmpeg_g`fg_output_frame(ofp=0xb400007e4e2d85b0, fgt=0x0000007d1790eb08, frame=0x0000000000000000) at ffmpeg_filter.c:2317:16 frame #6: 0x0000005555bc7e48 ffmpeg_g`filter_thread(arg=0xb400007eae2ce7a0) at ffmpeg_filter.c:2836:15 frame #7: 0x0000005555bee568 ffmpeg_g`task_wrapper(arg=0xb400007d8e2db478) at ffmpeg_sched.c:2200:21 Signed-off-by: Zhao Zhili --- fftools/ffmpeg_filter.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fftools/ffmpeg_filter.c b/fftools/ffmpeg_filter.c index 9fc877b437..f175ca7918 100644 --- a/fftools/ffmpeg_filter.c +++ b/fftools/ffmpeg_filter.c @@ -2835,7 +2835,7 @@ read_frames: for (unsigned i = 0; i < fg->nb_outputs; i++) { OutputFilterPriv *ofp = ofp_from_ofilter(fg->outputs[i]); - if (fgt.eof_out[i]) + if (fgt.eof_out[i] || !fgt.graph) continue; ret = fg_output_frame(ofp, &fgt, NULL); -- 2.34.1 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".