From c2a3dcaf25e5771acd7f38a3a5e768e160cdc3d7 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Tue, 27 May 2008 20:48:27 +0000 Subject: [PATCH] Fix memleak, fixed CID123. Originally committed as revision 13472 to svn://svn.ffmpeg.org/ffmpeg/trunk --- libavformat/nutdec.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c index 0655d0f..fd7c893 100644 --- a/libavformat/nutdec.c +++ b/libavformat/nutdec.c @@ -500,6 +500,7 @@ static int find_and_decode_index(NUTContext *nut){ int64_t filesize= url_fsize(bc); int64_t *syncpoints; int8_t *has_keyframe; + int ret= -1; url_fseek(bc, filesize-12, SEEK_SET); url_fseek(bc, filesize-get_be64(bc), SEEK_SET); @@ -516,7 +517,9 @@ static int find_and_decode_index(NUTContext *nut){ syncpoints= av_malloc(sizeof(int64_t)*syncpoint_count); has_keyframe= av_malloc(sizeof(int8_t)*(syncpoint_count+1)); for(i=0; i0) + syncpoints[i] = ff_get_v(bc); + if(syncpoints[i] <= 0) + goto fail; if(i) syncpoints[i] += syncpoints[i-1]; } @@ -533,7 +536,7 @@ static int find_and_decode_index(NUTContext *nut){ x>>=1; if(n+x >= syncpoint_count + 1){ av_log(s, AV_LOG_ERROR, "index overflow A\n"); - return -1; + goto fail; } while(x--) has_keyframe[n++]= flag; @@ -542,7 +545,7 @@ static int find_and_decode_index(NUTContext *nut){ while(x != 1){ if(n>=syncpoint_count + 1){ av_log(s, AV_LOG_ERROR, "index overflow B\n"); - return -1; + goto fail; } has_keyframe[n++]= x&1; x>>=1; @@ -550,7 +553,7 @@ static int find_and_decode_index(NUTContext *nut){ } if(has_keyframe[0]){ av_log(s, AV_LOG_ERROR, "keyframe before first syncpoint in index\n"); - return -1; + goto fail; } assert(n<=syncpoint_count+1); for(; j