[FFmpeg-cvslog] vf_drawtext: Do not leak the mmapped textfile

Luca Barbato git at videolan.org
Sun Jan 18 00:46:53 CET 2015


ffmpeg | branch: release/2.4 | Luca Barbato <lu_zero at gentoo.org> | Fri Oct 17 10:07:10 2014 +0100| [608e8d8dd754199b657b439f9e722e0b45f84461] | committer: Vittorio Giovara

vf_drawtext: Do not leak the mmapped textfile

And validate its size while at it.

CC: libav-stable at libav.org
Bug-Id: CID 1244189

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=608e8d8dd754199b657b439f9e722e0b45f84461
---

 libavfilter/vf_drawtext.c |    5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libavfilter/vf_drawtext.c b/libavfilter/vf_drawtext.c
index 892104d..d954fdf 100644
--- a/libavfilter/vf_drawtext.c
+++ b/libavfilter/vf_drawtext.c
@@ -398,8 +398,11 @@ static av_cold int init(AVFilterContext *ctx)
             return err;
         }
 
-        if (!(s->text = av_malloc(textbuf_size+1)))
+        if (textbuf_size > SIZE_MAX - 1 ||
+            !(s->text = av_malloc(textbuf_size + 1))) {
+            av_file_unmap(textbuf, textbuf_size);
             return AVERROR(ENOMEM);
+        }
         memcpy(s->text, textbuf, textbuf_size);
         s->text[textbuf_size] = 0;
         av_file_unmap(textbuf, textbuf_size);



More information about the ffmpeg-cvslog mailing list