[FFmpeg-devel] [PATCH] libavfilter: guard against ff_draw_init/ff_draw_init2 failures
Nil Fons Miret
nilf at netflix.com
Tue Mar 4 03:05:58 EET 2025
From what I can see, that one time it is called with constants in
qrencode.c will never fail. I can remove that check, but I am a bit
worried it will make it brittle if the internals of ff_draw_init*
change later on, e.g. to introduce more failure modes. In fact, I ran
across this issue while upgrading an old ffmpeg that did not have some
of these checks, so it was one of the new checks that caused the
segfault. Let me know what you think, I am open to changing it.
Thank you,
Nil
On Mon, Mar 3, 2025 at 3:56 PM Michael Niedermayer
<michael at niedermayer.cc> wrote:
>
> On Thu, Feb 20, 2025 at 10:31:57PM -0500, Nil Fons Miret via ffmpeg-devel wrote:
> > The return values of ff_draw_init and ff_draw_init2 are not checked in
> > most usages. However, if they return an error, they don't get to the
> > point where they set the attributes of the FFDrawContext. These
> > functions are typically used in conjunction with ff_draw_color, which
> > checks draw->desc->flags, causing a null pointer dereference.
> >
> > Attaching patch with a fix to guard against this.
>
> Is every one of these ff_draw_init* calls able to fail?
> I see one is called with constants, for example.
>
> thx
>
> [...]
>
> --
> Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
>
> Into a blind darkness they enter who follow after the Ignorance,
> they as if into a greater darkness enter who devote themselves
> to the Knowledge alone. -- Isha Upanishad
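The failure mode discussed in this thread, as an added example that is not FFmpeg code and not the attached patch: an init routine that returns an error before filling in its context, a consumer that dereferences `draw->desc->flags`, and a caller that guards against it. All type and function names (`DrawCtx`, `draw_init_model`, `draw_color_model`, and so on) and the "only format 0 is supported" rule are hypothetical stand-ins.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the structures named in the thread; not FFmpeg code. */
typedef struct PixDesc { unsigned flags; } PixDesc;
typedef struct DrawCtx { const PixDesc *desc; } DrawCtx;
static const PixDesc supported_desc = { 0x1 };

/* Init model: returns early on error, before the context is filled in. */
static int draw_init_model(DrawCtx *draw, int format)
{
    if (format != 0)            /* constructed rule: only format 0 is supported */
        return -EINVAL;
    draw->desc = &supported_desc;
    return 0;
}

/* Consumer model: trusts the context and reads draw->desc->flags. */
static unsigned draw_color_model(const DrawCtx *draw)
{
    return draw->desc->flags;   /* NULL dereference if init failed */
}

/* Unguarded pattern: result ignored. Reports the state instead of crashing. */
static int unguarded_leaves_null_desc(int format)
{
    DrawCtx draw = { NULL };
    (void)draw_init_model(&draw, format);   /* return value discarded */
    return draw.desc == NULL;   /* 1: draw_color_model() would crash here */
}

/* Guarded pattern: propagate the error instead of using the context. */
static int config_guarded(int format, unsigned *flags_out)
{
    DrawCtx draw = { NULL };
    int ret = draw_init_model(&draw, format);
    if (ret < 0)
        return ret;             /* draw_color_model() is never reached */
    *flags_out = draw_color_model(&draw);
    return 0;
}

int main(void)
{
    unsigned flags = 0;
    printf("%d %d %d\n", config_guarded(0, &flags), config_guarded(7, &flags),
           unguarded_leaves_null_desc(7));
    return 0;
}
```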