Fixes: memleak
Fixes: 23142/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5932860820422656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
... | ... |
@@ -59,8 +59,10 @@ |
59 | 59 |
#define GET_LIST_HEADER() \ |
60 | 60 |
fourcc_tag = avio_rl32(pb); \ |
61 | 61 |
size = avio_rl32(pb); \ |
62 |
- if (fourcc_tag != LIST_TAG) \ |
|
63 |
- return AVERROR_INVALIDDATA; \ |
|
62 |
+ if (fourcc_tag != LIST_TAG) { \ |
|
63 |
+ ret = AVERROR_INVALIDDATA; \ |
|
64 |
+ goto fail; \ |
|
65 |
+ } \ |
|
64 | 66 |
fourcc_tag = avio_rl32(pb); |
65 | 67 |
|
66 | 68 |
typedef struct AudioTrack { |
... | ... |
@@ -210,7 +212,7 @@ static int fourxm_read_header(AVFormatContext *s) |
210 | 210 |
unsigned int size; |
211 | 211 |
int header_size; |
212 | 212 |
FourxmDemuxContext *fourxm = s->priv_data; |
213 |
- unsigned char *header; |
|
213 |
+ unsigned char *header = NULL; |
|
214 | 214 |
int i, ret; |
215 | 215 |
|
216 | 216 |
fourxm->track_count = 0; |