On Sun, Mar 9, 2014 at 1:52 PM, Vittorio Giovara <[email protected]> wrote: > Found-by: Laurent Butti <[email protected]> > --- > Found many more places where deference could happen, added at the end. > Vittorio > > libavcodec/jpeg2000.c | 31 +++++++++++++++++++++++-------- > 1 file changed, 23 insertions(+), 8 deletions(-) > > diff --git a/libavcodec/jpeg2000.c b/libavcodec/jpeg2000.c > index bf46398..154409e 100644 > --- a/libavcodec/jpeg2000.c > +++ b/libavcodec/jpeg2000.c > @@ -228,7 +228,7 @@ int ff_jpeg2000_init_component(Jpeg2000Component *comp, > if (!comp->i_data) > return AVERROR(ENOMEM); > } > - comp->reslevel = av_malloc_array(codsty->nreslevels, > sizeof(*comp->reslevel)); > + comp->reslevel = av_mallocz_array(codsty->nreslevels, > sizeof(*comp->reslevel)); > if (!comp->reslevel) > return AVERROR(ENOMEM); > /* LOOP on resolution levels */ > @@ -276,7 +276,7 @@ int ff_jpeg2000_init_component(Jpeg2000Component *comp, > reslevel->log2_prec_height) - > (reslevel->coord[1][0] >> reslevel->log2_prec_height); > > - reslevel->band = av_malloc_array(reslevel->nbands, > sizeof(*reslevel->band)); > + reslevel->band = av_mallocz_array(reslevel->nbands, > sizeof(*reslevel->band)); > if (!reslevel->band) > return AVERROR(ENOMEM); > > @@ -372,9 +372,9 @@ int ff_jpeg2000_init_component(Jpeg2000Component *comp, > for (j = 0; j < 2; j++) > band->coord[1][j] = ff_jpeg2000_ceildiv(band->coord[1][j], > dy); > > - band->prec = av_malloc_array(reslevel->num_precincts_x * > - reslevel->num_precincts_y, > - sizeof(*band->prec)); > + band->prec = av_mallocz_array(reslevel->num_precincts_x * > + reslevel->num_precincts_y, > + sizeof(*band->prec)); > if (!band->prec) > return AVERROR(ENOMEM); > > @@ -487,15 +487,30 @@ void ff_jpeg2000_cleanup(Jpeg2000Component *comp, > Jpeg2000CodingStyle *codsty) > for (reslevelno = 0; > comp->reslevel && reslevelno < codsty->nreslevels; > reslevelno++) { > - Jpeg2000ResLevel *reslevel = comp->reslevel + reslevelno; > + Jpeg2000ResLevel *reslevel; > + > + if (!comp->reslevel) > + continue; > > + reslevel = comp->reslevel + reslevelno; > for (bandno = 0; bandno < reslevel->nbands; bandno++) { > - Jpeg2000Band *band = reslevel->band + bandno; > + Jpeg2000Band *band; > + > + if (!reslevel->band) > + continue; > + > + band = reslevel->band + bandno; > for (precno = 0; precno < reslevel->num_precincts_x * > reslevel->num_precincts_y; precno++) { > - Jpeg2000Prec *prec = band->prec + precno; > + Jpeg2000Prec *prec; > + > + if (!band->prec) > + continue; > + > + prec = band->prec + precno; > av_freep(&prec->zerobits); > av_freep(&prec->cblkincl); > av_freep(&prec->cblk); > + > } > > av_freep(&band->prec); > -- > 1.8.3.4 (Apple Git-47) >
Ping -- Vittorio _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
