forked from jengelh/ffmpeg-4
30 lines
886 B
Diff
30 lines
886 B
Diff
From 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57 Mon Sep 17 00:00:00 2001
|
|
From: James Almer <jamrial@gmail.com>
|
|
Date: Wed, 1 Jan 2025 23:58:39 -0300
|
|
Subject: [PATCH] avcodec/jpeg2000dec: clear array length when freeing it
|
|
|
|
Fixes NULL pointer dereferences.
|
|
Fixes ticket #11393.
|
|
|
|
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
---
|
|
libavcodec/jpeg2000dec.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
|
|
index e5e897a29f..b82d85d5ee 100644
|
|
--- a/libavcodec/jpeg2000dec.c
|
|
+++ b/libavcodec/jpeg2000dec.c
|
|
@@ -1521,6 +1521,7 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile,
|
|
}
|
|
}
|
|
av_freep(&cblk->lengthinc);
|
|
+ cblk->nb_lengthinc = 0;
|
|
}
|
|
}
|
|
// Save state of stream
|
|
--
|
|
2.44.0
|
|
|