avcodec/pgssubdec: Free subtitle on error
authorMichael Niedermayer <michael@niedermayer.cc>
Sat, 4 Jan 2020 20:58:28 +0000 (21:58 +0100)
committerMichael Niedermayer <michael@niedermayer.cc>
Sun, 5 Jan 2020 19:31:42 +0000 (20:31 +0100)
Fixes: Assertion failure
Fixes: 19753/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGSSUB_fuzzer-5688461843759104

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/pgssubdec.c

index 8c10f6d..7fadcb8 100644 (file)
@@ -691,8 +691,11 @@ static int decode(AVCodecContext *avctx, void *data, int *data_size,
             ret = AVERROR_INVALIDDATA;
             break;
         }
-        if (ret < 0 && (avctx->err_recognition & AV_EF_EXPLODE))
+        if (ret < 0 && (avctx->err_recognition & AV_EF_EXPLODE)) {
+            avsubtitle_free(data);
+            *data_size = 0;
             return ret;
+        }
 
         buf += segment_length;
     }
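Review bot: The new `avsubtitle_free(data)` on the AV_EF_EXPLODE return runs after a failure in any segment type, so it relies on the AVSubtitle behind `data` being either zero-initialised or consistently populated whenever this line is reached. That invariant is established outside this hunk and is worth confirming for a packet whose first segment fails. A short comment would record why the cleanup is needed, e.g. `/* an earlier segment in this packet may already have filled the subtitle; never return an error with output still set */`, though that reading is inferred from the commit message rather than from visible lines. The path without AV_EF_EXPLODE is unchanged and keeps parsing after a failed segment, so whether `*data_size` and the subtitle stay consistent there depends on the rest of decode(), which starts and ends outside the hunk.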