Module: libav
Branch: master
Commit: 7521c4bab28ff3a622171be5b39a6b210f4263f0

Author:    Dale Curtis <[email protected]>
Committer: Justin Ruggles <[email protected]>
Date:      Mon Apr 23 16:15:31 2012 +0000

matroska: Clear prev_pkt between seeks.

The new incremental parser doesn't always clear prev_pkt;
however, the packet queue is cleared when seeking, which leads
to a use-after-free.

Verified using Valgrind.

Signed-off-by: Dale Curtis <[email protected]>
Signed-off-by: Justin Ruggles <[email protected]>

---

 libavformat/matroskadec.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
index 100b97f..e45cfb0 100644
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@@ -2094,6 +2094,7 @@ static int matroska_read_seek(AVFormatContext *s, int 
stream_index,
         avio_seek(s->pb, st->index_entries[st->nb_index_entries-1].pos, 
SEEK_SET);
         matroska->current_id = 0;
         while ((index = av_index_search_timestamp(st, timestamp, flags)) < 0) {
+            matroska->prev_pkt = NULL;
             matroska_clear_queue(matroska);
             if (matroska_parse_cluster(matroska) < 0)
                 break;
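
Review bot: The reset `matroska->prev_pkt = NULL;` is tied to this one call of `matroska_clear_queue(matroska)` inside the `while` loop, so the rule that clearing the queue invalidates prev_pkt is enforced at the call site rather than in the function that frees the packets. Consider moving the assignment into matroska_clear_queue itself so every caller gets it, or at least audit the other callers. A seek where av_index_search_timestamp succeeds on the first call never enters the loop and so skips the reset; whether the queue is also cleared on that path is not visible in this hunk, and if it is, that path needs the same assignment. A one-line comment stating that prev_pkt may refer to a packet freed along with the queue would make the ordering requirement clear to later editors.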

_______________________________________________
libav-commits mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-commits