On 2014-01-06 08:36:37 +0100, Anton Khirnov wrote:
> Fixes possible access to freed memory.
>
> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
> CC:libav-sta...@libav.org
> ---
> libavcodec/h264_refs.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/libavcodec/h264_refs.c b/libavcodec/h264_refs.c
> index bba77d1..88aaac7 100644
> --- a/libavcodec/h264_refs.c
> +++ b/libavcodec/h264_refs.c
> @@ -621,6 +621,8 @@ int ff_h264_execute_ref_pic_marking(H264Context *h, MMCO
> *mmco, int mmco_count)
> * Report the problem and keep the pair where it is,
> * and mark this field valid.
> */
> + if (h->short_ref[0] == h->cur_pic_ptr)
> + remove_short_at_index(h, 0);
>
> if (h->long_ref[mmco[i].long_arg] != h->cur_pic_ptr) {
> remove_long(h, mmco[i].long_arg, 0);
ok,
could maybe use a log message
Janne
_______________________________________________
libav-devel mailing list
libav-devel@libav.org
https://lists.libav.org/mailman/listinfo/libav-devel
