generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

bsf: check memory allocations

Browse Source
This commit is contained in:
Vittorio Giovara 2014-12-18 20:26:56 +01:00
parent 014b6b416f
commit 8a9641a652
7 changed files with 24 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
libavcodec/bitstream_filter.c
View File

@ -47,9 +47,17 @@ AVBitStreamFilterContext *av_bitstream_filter_init(const char *name)
if (!strcmp(name, bsf->name)) { if (!strcmp(name, bsf->name)) {
AVBitStreamFilterContext *bsfc = AVBitStreamFilterContext *bsfc =
av_mallocz(sizeof(AVBitStreamFilterContext)); av_mallocz(sizeof(AVBitStreamFilterContext));
if (!bsfc)
return NULL;
bsfc->filter = bsf; bsfc->filter = bsf;
bsfc->priv_data = bsfc->priv_data = NULL;
bsf->priv_data_size ? av_mallocz(bsf->priv_data_size) : NULL; if (bsf->priv_data_size) {
bsfc->priv_data = av_mallocz(bsf->priv_data_size);
if (!bsfc->priv_data) {
av_freep(&bsfc);
return NULL;
}
}
return bsfc; return bsfc;
} }
bsf = bsf->next; bsf = bsf->next;

2
libavcodec/dump_extradata_bsf.c
View File

@ -37,6 +37,8 @@ static int dump_extradata(AVBitStreamFilterContext *bsfc, AVCodecContext *avctx,
int size= buf_size + avctx->extradata_size; int size= buf_size + avctx->extradata_size;
*poutbuf_size= size; *poutbuf_size= size;
*poutbuf= av_malloc(size + FF_INPUT_BUFFER_PADDING_SIZE); *poutbuf= av_malloc(size + FF_INPUT_BUFFER_PADDING_SIZE);
if (!*poutbuf)
return AVERROR(ENOMEM);
memcpy(*poutbuf, avctx->extradata, avctx->extradata_size); memcpy(*poutbuf, avctx->extradata, avctx->extradata_size);
memcpy((*poutbuf) + avctx->extradata_size, buf, buf_size + FF_INPUT_BUFFER_PADDING_SIZE); memcpy((*poutbuf) + avctx->extradata_size, buf, buf_size + FF_INPUT_BUFFER_PADDING_SIZE);

2
libavcodec/imx_dump_header_bsf.c
View File

@ -43,6 +43,8 @@ static int imx_dump_header(AVBitStreamFilterContext *bsfc, AVCodecContext *avctx
} }
*poutbuf = av_malloc(buf_size + 20 + FF_INPUT_BUFFER_PADDING_SIZE); *poutbuf = av_malloc(buf_size + 20 + FF_INPUT_BUFFER_PADDING_SIZE);
if (!*poutbuf)
return AVERROR(ENOMEM);
poutbufp = *poutbuf; poutbufp = *poutbuf;
bytestream_put_buffer(&poutbufp, imx_header, 16); bytestream_put_buffer(&poutbufp, imx_header, 16);
bytestream_put_byte(&poutbufp, 0x83); /* KLV BER long form */ bytestream_put_byte(&poutbufp, 0x83); /* KLV BER long form */

2
libavcodec/mjpega_dump_header_bsf.c
View File

@ -45,6 +45,8 @@ static int mjpega_dump_header(AVBitStreamFilterContext *bsfc, AVCodecContext *av
*poutbuf_size = 0; *poutbuf_size = 0;
*poutbuf = av_malloc(buf_size + 44 + FF_INPUT_BUFFER_PADDING_SIZE); *poutbuf = av_malloc(buf_size + 44 + FF_INPUT_BUFFER_PADDING_SIZE);
if (!*poutbuf)
return AVERROR(ENOMEM);
poutbufp = *poutbuf; poutbufp = *poutbuf;
bytestream_put_byte(&poutbufp, 0xff); bytestream_put_byte(&poutbufp, 0xff);
bytestream_put_byte(&poutbufp, SOI); bytestream_put_byte(&poutbufp, SOI);

4
libavcodec/movsub_bsf.c
View File

@ -29,6 +29,8 @@ static int text2movsub(AVBitStreamFilterContext *bsfc, AVCodecContext *avctx, co
if (buf_size > 0xffff) return 0; if (buf_size > 0xffff) return 0;
*poutbuf_size = buf_size + 2; *poutbuf_size = buf_size + 2;
*poutbuf = av_malloc(*poutbuf_size + FF_INPUT_BUFFER_PADDING_SIZE); *poutbuf = av_malloc(*poutbuf_size + FF_INPUT_BUFFER_PADDING_SIZE);
if (!*poutbuf)
return AVERROR(ENOMEM);
AV_WB16(*poutbuf, buf_size); AV_WB16(*poutbuf, buf_size);
memcpy(*poutbuf + 2, buf, buf_size); memcpy(*poutbuf + 2, buf, buf_size);
return 1; return 1;
@ -46,6 +48,8 @@ static int mov2textsub(AVBitStreamFilterContext *bsfc, AVCodecContext *avctx, co
if (buf_size < 2) return 0; if (buf_size < 2) return 0;
*poutbuf_size = FFMIN(buf_size - 2, AV_RB16(buf)); *poutbuf_size = FFMIN(buf_size - 2, AV_RB16(buf));
*poutbuf = av_malloc(*poutbuf_size + FF_INPUT_BUFFER_PADDING_SIZE); *poutbuf = av_malloc(*poutbuf_size + FF_INPUT_BUFFER_PADDING_SIZE);
if (!*poutbuf)
return AVERROR(ENOMEM);
memcpy(*poutbuf, buf + 2, *poutbuf_size); memcpy(*poutbuf, buf + 2, *poutbuf_size);
return 1; return 1;
} }

3
libavcodec/noise_bsf.c
View File

@ -33,7 +33,8 @@ static int noise(AVBitStreamFilterContext *bsfc, AVCodecContext *avctx, const ch
int i; int i;
*poutbuf= av_malloc(buf_size + FF_INPUT_BUFFER_PADDING_SIZE); *poutbuf= av_malloc(buf_size + FF_INPUT_BUFFER_PADDING_SIZE);
if (!*poutbuf)
return AVERROR(ENOMEM);
memcpy(*poutbuf, buf, buf_size + FF_INPUT_BUFFER_PADDING_SIZE); memcpy(*poutbuf, buf, buf_size + FF_INPUT_BUFFER_PADDING_SIZE);
for(i=0; i<buf_size; i++){ for(i=0; i<buf_size; i++){
(*state) += (*poutbuf)[i] + 1; (*state) += (*poutbuf)[i] + 1;

2
libavcodec/parser.c
View File

@ -193,6 +193,8 @@ int av_parser_change(AVCodecParserContext *s, AVCodecContext *avctx,
*poutbuf_size = size; *poutbuf_size = size;
*poutbuf = av_malloc(size + FF_INPUT_BUFFER_PADDING_SIZE); *poutbuf = av_malloc(size + FF_INPUT_BUFFER_PADDING_SIZE);
if (!*poutbuf)
return AVERROR(ENOMEM);
memcpy(*poutbuf, avctx->extradata, avctx->extradata_size); memcpy(*poutbuf, avctx->extradata, avctx->extradata_size);
memcpy(*poutbuf + avctx->extradata_size, buf, memcpy(*poutbuf + avctx->extradata_size, buf,