avformat/swfdec: Reorder allocations/initializations

The earlier code would first attempt to allocate two buffers, then
attempt to allocate an AVIOContext, using one of the new buffers I/O
buffer, then check the allocations. On success, a z_stream that is used
in the AVIOContext's read_packet callback is initialized afterwards.

There are two problems with this: In case the allocation of the I/O
buffer fails avio_alloc_context() will be given a NULL read buffer
with a size > 0. This works right now, but it is fragile. The second
problem is that the z_stream used in the read_packet callback is not
functional when avio_alloc_context() is allocated (it might be that
avio_alloc_context() might already fill the buffer in the future). This
commit fixes both of these problems by reordering the operations.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
This commit is contained in:
Andreas Rheinhardt 2020-09-20 12:28:03 +02:00
parent 28dc0c20cc
commit 3f04c30372
1 changed files with 11 additions and 15 deletions

View File

@ -140,6 +140,8 @@ retry:
return buf_size - z->avail_out; return buf_size - z->avail_out;
} }
static av_cold int swf_read_close(AVFormatContext *avctx);
#endif #endif
static int swf_read_header(AVFormatContext *s) static int swf_read_header(AVFormatContext *s)
@ -154,24 +156,18 @@ static int swf_read_header(AVFormatContext *s)
if (tag == MKBETAG('C', 'W', 'S', 0)) { if (tag == MKBETAG('C', 'W', 'S', 0)) {
av_log(s, AV_LOG_INFO, "SWF compressed file detected\n"); av_log(s, AV_LOG_INFO, "SWF compressed file detected\n");
#if CONFIG_ZLIB #if CONFIG_ZLIB
swf->zbuf_in = av_malloc(ZBUF_SIZE); if (inflateInit(&swf->zstream) != Z_OK) {
swf->zbuf_out = av_malloc(ZBUF_SIZE); av_log(s, AV_LOG_ERROR, "Unable to init zlib context\n");
swf->zpb = avio_alloc_context(swf->zbuf_out, ZBUF_SIZE, 0, s, return AVERROR(EINVAL);
zlib_refill, NULL, NULL); }
if (!swf->zbuf_in || !swf->zbuf_out || !swf->zpb) { if (!(swf->zbuf_in = av_malloc(ZBUF_SIZE)) ||
av_freep(&swf->zbuf_in); !(swf->zbuf_out = av_malloc(ZBUF_SIZE)) ||
av_freep(&swf->zbuf_out); !(swf->zpb = avio_alloc_context(swf->zbuf_out, ZBUF_SIZE, 0,
avio_context_free(&swf->zpb); s, zlib_refill, NULL, NULL))) {
swf_read_close(s);
return AVERROR(ENOMEM); return AVERROR(ENOMEM);
} }
swf->zpb->seekable = 0; swf->zpb->seekable = 0;
if (inflateInit(&swf->zstream) != Z_OK) {
av_log(s, AV_LOG_ERROR, "Unable to init zlib context\n");
av_freep(&swf->zbuf_in);
av_freep(&swf->zbuf_out);
avio_context_free(&swf->zpb);
return AVERROR(EINVAL);
}
pb = swf->zpb; pb = swf->zpb;
#else #else
av_log(s, AV_LOG_ERROR, "zlib support is required to read SWF compressed files\n"); av_log(s, AV_LOG_ERROR, "zlib support is required to read SWF compressed files\n");