[FFmpeg-trac] #7019(avcodec:new): A memory leak bug detected in file /libavcodec/ass_split.c
FFmpeg
trac at avcodec.org
Mon Feb 12 11:27:48 EET 2018
#7019: A memory leak bug detected in file /libavcodec/ass_split.c
-------------------------------------+-------------------------------------
Reporter: fangang190 | Type: defect
Status: new | Priority: normal
Component: avcodec | Version: git-
Keywords: Memory leak | master
Blocking: | Blocked By:
Analyzed by developer: 0 | Reproduced by developer: 0
-------------------------------------+-------------------------------------
Summary of the bug:
How to reproduce:
{{{
No step needed for reproduce.
}}}
There is a potential memory leak bug in file ass_split.c, here is the
description.
A piece of memory is allocated on line 283. When executing the loop twice
and if the av_realloc_array returns null the function returns without
freeing the memory pointed by order.
{{{
if (section->format_header && !order) {
len = strlen(section->format_header);
if (!strncmp(buf, section->format_header, len) && buf[len] ==
':') {
buf += len + 1;
while (!is_eol(*buf)) {
buf = skip_space(buf);
len = strcspn(buf, ", \r\n");
283: if (!(tmp = av_realloc_array(order, (*number + 1),
sizeof(*order))))
return NULL;
order = tmp;
order[*number] = -1;
for (i=0; section->fields[i].name; i++)
if (!strncmp(buf, section->fields[i].name, len)) {
order[*number] = i;
break;
}
(*number)++;
buf = skip_space(buf + len + (buf[len] == ','));
}
ctx->field_order[ctx->current_section] = order;
goto next_line;
}
}
}}}
Suggested fix:
{{{free(order) before return NULL; on line 284}}}
Thanks
Gang
Sbrella
--
Ticket URL: <https://trac.ffmpeg.org/ticket/7019>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list