Signed-off-by: Baozeng Ding <[email protected]>
The argument `frame` for avcodec_receive_frame function is user controlled. If
a null pointer is passed from the user, it will cause a segmentation fault.
---
libavcodec/decode.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libavcodec/decode.c b/libavcodec/decode.c
index 6a3a4df1..689e90d 100644
--- a/libavcodec/decode.c
+++ b/libavcodec/decode.c
@@ -711,6 +711,7 @@ int attribute_align_arg
avcodec_receive_frame(AVCodecContext *avctx, AVFrame *fr
AVCodecInternal *avci = avctx->internal;
int ret;
+ av_assert0(!frame);
av_frame_unref(frame);
if (!avcodec_is_open(avctx) || !av_codec_is_decoder(avctx->codec))
--
2.7.4
_______________________________________________
ffmpeg-devel mailing list
[email protected]
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
