[FFmpeg-devel] [PATCH] avcodec/wmalosslessdec: Fix null pointer dereference in decode_frame()

Michael Niedermayer michael at niedermayer.cc
Sun Mar 25 04:32:38 EEST 2018


Fixes: 2018_03_23_poc.wav
Found-by: GwanYeong Kim <gy741.kim at gmail.com>

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
 libavcodec/wmalosslessdec.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libavcodec/wmalosslessdec.c b/libavcodec/wmalosslessdec.c
index 59e8929586..eb1db615ae 100644
--- a/libavcodec/wmalosslessdec.c
+++ b/libavcodec/wmalosslessdec.c
@@ -1256,7 +1256,9 @@ static int decode_packet(AVCodecContext *avctx, void *data, int *got_frame_ptr,
             (frame_size = show_bits(gb, s->log2_frame_size)) &&
             frame_size <= remaining_bits(s, gb)) {
             save_bits(s, gb, frame_size, 0);
-            s->packet_done = !decode_frame(s);
+
+            if (!s->packet_loss)
+                s->packet_done = !decode_frame(s);
         } else if (!s->len_prefix
                    && s->num_saved_bits > get_bits_count(&s->gb)) {
             /* when the frames do not have a length prefix, we don't know the
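Review bot: The new `if (!s->packet_loss)` guard in decode_packet() skips decode_frame() but leaves `s->packet_done` at whatever value it held before this branch, and neither the commit message nor the code says why that is safe. Since the check sits directly after `save_bits(s, gb, frame_size, 0)`, a one-line comment would help, stating that the call can flag packet loss and what state decode_frame() would otherwise dereference. The commit message would also benefit from naming the mechanism rather than only the PoC file. Please also confirm whether `s->packet_done` should be set explicitly on the packet-loss path so the caller does not act on a stale value, and whether any other decode_frame() call that follows a save_bits() needs the same guard. Minor: the blank line added before the `if` is an unrelated whitespace change and could be dropped.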
-- 
2.16.2


