RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

avplay: fix write on freed memory for rawvideo 

Do not assume avpacket and the decoded frames are independent.

To be absolutely sure and not sprinkle av_free_packet around the code
the call had been placed before getting the frame and on the error path.
This commit is contained in:
Luca Barbato 2012-06-28 20:55:04 +02:00
parent 3389545157
commit 906f9dce85
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
avplay.c
View File

@ -1597,6 +1597,7 @@ static int configure_video_filters(AVFilterGraph *graph, VideoState *is, const c
static int video_thread(void *arg)
{
AVPacket pkt = { 0 };
VideoState *is = arg;
AVFrame *frame = avcodec_alloc_frame();
int64_t pts_int;
@ -1617,7 +1618,6 @@ static int video_thread(void *arg)
#endif
for (;;) {
AVPacket pkt;
#if CONFIG_AVFILTER
AVFilterBufferRef *picref;
AVRational tb;
@ -1625,10 +1625,11 @@ static int video_thread(void *arg)
while (is->paused && !is->videoq.abort_request)
SDL_Delay(10);
av_free_packet(&pkt);
ret = get_video_frame(is, frame, &pts_int, &pkt);
if (ret < 0)
goto the_end;
av_free_packet(&pkt);
if (!ret)
continue;
@ -1708,6 +1709,7 @@ static int video_thread(void *arg)
av_freep(&vfilters);
avfilter_graph_free(&graph);
#endif
av_free_packet(&pkt);
av_free(frame);
return 0;
}