On Mon,  6 Jan 2014 17:14:42 +0100, Vittorio Giovara 
<[email protected]> wrote:
> ---
>  libavfilter/avfilter.c |   23 ++++++++++++++++++-----
>  1 file changed, 18 insertions(+), 5 deletions(-)
> 
> diff --git a/libavfilter/avfilter.c b/libavfilter/avfilter.c
> index b18c0cb..fc44e48 100644
> --- a/libavfilter/avfilter.c
> +++ b/libavfilter/avfilter.c
> @@ -730,6 +730,7 @@ int ff_filter_frame(AVFilterLink *link, AVFrame *frame)
>      int (*filter_frame)(AVFilterLink *, AVFrame *);
>      AVFilterPad *dst = link->dstpad;
>      AVFrame *out;
> +    int ret;
>  
>      FF_DPRINTF_START(NULL, filter_frame);
>      ff_dlog_link(NULL, link, 1);
> @@ -748,13 +749,18 @@ int ff_filter_frame(AVFilterLink *link, AVFrame *frame)
>          case AVMEDIA_TYPE_AUDIO:
>              out = ff_get_audio_buffer(link, frame->nb_samples);
>              break;
> -        default: return AVERROR(EINVAL);
> +        default:
> +            ret = AVERROR(EINVAL);
> +            goto fail;

`out` is still uninitialized at this point, so this goto will call av_frame_free() on a random pointer.

-- 
Anton Khirnov