avcodec/tiff: Set FF_CODEC_CAP_INIT_CLEANUP

Fixes: memleaks
Fixes: 17813/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5145600206569472

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

diff --git a/libavcodec/tiff.c b/libavcodec/tiff.c
index 9f24796..f537e99 100644 (file)
--- a/libavcodec/tiff.c
+++ b/libavcodec/tiff.c
@@ -2090,8 +2090,6 @@ static av_cold int tiff_init(AVCodecContext *avctx)
     s->avctx_mjpeg->idct_algo = avctx->idct_algo;
     ret = ff_codec_open2_recursive(s->avctx_mjpeg, codec, NULL);
     if (ret < 0) {
-        av_frame_free(&s->jpgframe);
-        avcodec_free_context(&s->avctx_mjpeg);
         return ret;
     }
 
@@ -2142,5 +2140,6 @@ AVCodec ff_tiff_decoder = {
     .decode         = decode_frame,
     .init_thread_copy = ONLY_IF_THREADS_ENABLED(tiff_init),
     .capabilities   = AV_CODEC_CAP_DR1 | AV_CODEC_CAP_FRAME_THREADS,
+    .caps_internal  = FF_CODEC_CAP_INIT_CLEANUP,
     .priv_class     = &tiff_decoder_class,
 };