Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/FFmpeg/FFmpeg.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Niedermayer <michaelni@gmx.at>2013-01-14 05:54:16 +0400
committerMichael Niedermayer <michaelni@gmx.at>2013-01-14 06:03:53 +0400
commitaaa7d2fafcc375d8cdef25a289008821c9c2fbaa (patch)
treea1621068966f0a4c803db916343cfb42133061a8
parent55d05286696473487ce51e347985378e28c0713b (diff)
h264: don t leave stale pointers in delayed_pic in flush_changes.
Fixes null pointer dereference & assertion failure Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Diffstat
-rw-r--r--libavcodec/h264.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/libavcodec/h264.c b/libavcodec/h264.c
index 3b7ad98b99..d8d438e0c8 100644
--- a/libavcodec/h264.c
+++ b/libavcodec/h264.c
@@ -2153,12 +2153,19 @@ static void idr(H264Context *h)
/* forget old pics after a seek */
static void flush_change(H264Context *h)
{
+ int i, j;
+
h->outputed_poc = h->next_outputed_poc = INT_MIN;
h->prev_interlaced_frame = 1;
idr(h);
h->prev_frame_num = -1;
- if (h->s.current_picture_ptr)
+ if (h->s.current_picture_ptr) {
h->s.current_picture_ptr->f.reference = 0;
+ for (j=i=0; h->delayed_pic[i]; i++)
+ if (h->delayed_pic[i] != h->s.current_picture_ptr)
+ h->delayed_pic[j++] = h->delayed_pic[i];
+ h->delayed_pic[j] = NULL;
+ }
h->s.first_field = 0;
memset(h->ref_list[0], 0, sizeof(h->ref_list[0]));
memset(h->ref_list[1], 0, sizeof(h->ref_list[1]));
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-10 17:07:21 +0300