PR #22269 opened by michaelni URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/22269 Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/22269.patch
Fixes: 485523353/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-4582329227214848 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]> >From 1aeee6864aca850c1fb10c759feb2f2b2ee1f6a4 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer <[email protected]> Date: Sun, 22 Feb 2026 22:41:29 +0100 Subject: [PATCH] avcodec/vp9: Fix memleak Fixes: 485523353/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-4582329227214848 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]> --- libavcodec/vp9.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/vp9.c b/libavcodec/vp9.c index 454346532c..1f34197a28 100644 --- a/libavcodec/vp9.c +++ b/libavcodec/vp9.c @@ -1607,10 +1607,12 @@ static int vp9_decode_frame(AVCodecContext *avctx, AVFrame *frame, s->frame_header = &rf->header; if ((ret = decode_frame_header(avctx, data, size, &ref)) < 0) { + ff_cbs_fragment_reset(&s->current_frag); return ret; } else if (ret == 0) { if (!s->s.refs[ref].f) { av_log(avctx, AV_LOG_ERROR, "Requested reference %d not available\n", ref); + ff_cbs_fragment_reset(&s->current_frag); return AVERROR_INVALIDDATA; } for (int i = 0; i < 8; i++) -- 2.52.0 _______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
