On 12/04/12 17:56, [email protected] wrote: > From: Dale Curtis <[email protected]> > > Instead of allocating over the original, free first. MOVStreamContext > is zero initialized so no double free will occur. Same style as other > fixes for the same problem in this file. > > Signed-off-by: Dale Curtis <[email protected]> > --- > libavformat/mov.c | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/libavformat/mov.c b/libavformat/mov.c > index b4ff1df..7075033 100644 > --- a/libavformat/mov.c > +++ b/libavformat/mov.c > @@ -400,6 +400,7 @@ static int mov_read_dref(MOVContext *c, AVIOContext *pb, > MOVAtom atom) > entries = avio_rb32(pb); > if (entries >= UINT_MAX / sizeof(*sc->drefs)) > return AVERROR_INVALIDDATA; > + av_free(sc->drefs); > sc->drefs = av_mallocz(entries * sizeof(*sc->drefs)); > if (!sc->drefs) > return AVERROR(ENOMEM);
Seems fine. lu -- Luca Barbato Gentoo/linux http://dev.gentoo.org/~lu_zero _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
