#8259: A use-after-free bug in libavcodec/utils.c
-------------------------------------+-------------------------------------
Reporter: wurongxin | Owner:
Type: defect | Status: reopened
Priority: normal | Component:
| undetermined
Version: 3.4.6 | Resolution:
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Changes (by wurongxin):
* status: closed => reopened
* resolution: invalid =>
Comment:
Replying to [comment:1 mkver]:
> Having a dangling pointer and using it in a function call does not
constitute a use-after-free; for this, one would have to try to access the
(invalid) data at the place where the pointer points to.
I don't think this is a safe operation and a good practice to write the
code like that way. Moreover, it totally matches the definition of use-
after-free. A very simple solution would be to swap the Line 104 and 105.
Please consider it carefully. BTW, this happens in libavcodec, why you
label the component as undetermined?
--
Ticket URL: <https://trac.ffmpeg.org/ticket/8259#comment:2>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
_______________________________________________
FFmpeg-trac mailing list
[email protected]
https://ffmpeg.org/mailman/listinfo/ffmpeg-trac
To unsubscribe, visit link above, or email
[email protected] with subject "unsubscribe".
