[FFmpeg-trac] #7193(avformat:new): Double free in libavformat/utils.c
FFmpeg
trac at avcodec.org
Wed May 9 06:36:55 EEST 2018
#7193: Double free in libavformat/utils.c
-------------------------------------+-------------------------------------
Reporter: timmyyuan | Type: defect
Status: new | Priority: normal
Component: avformat | Version: git-
Keywords: double free | master
Blocking: | Blocked By:
Analyzed by developer: 0 | Reproduced by developer: 0
-------------------------------------+-------------------------------------
Summary of the bug:
at libavformat/utils.c:642, **s->internal->id3v2_meta** was freed by
function **av_dict_free** in the else-branch.
at libavformat/utils.c:661, if the if-branch condition turns be true then
the program goto the **fail** handler at line 681.
at libavformat/utils.c:686, **avformat_free_context(s)** will be called in
the **fail** handler.
at libavformat/utils.c:4414, **s->internal->id3v2_meta** will be double
freed by **av_dict_free** in function **avformat_free_context**
--
Ticket URL: <https://trac.ffmpeg.org/ticket/7193>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list