lavu: Check av_dict_set allocations
authorLuca Barbato <lu_zero@gentoo.org>
Tue, 16 Dec 2014 13:21:20 +0000 (14:21 +0100)
committerVittorio Giovara <vittorio.giovara@gmail.com>
Thu, 29 Jan 2015 14:59:57 +0000 (14:59 +0000)
Bug-Id: CID 1257772
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
libavutil/dict.c

index e4ea776..7f48320 100644 (file)
@@ -71,9 +71,12 @@ int av_dict_set(AVDictionary **pm, const char *key, const char *value,
     AVDictionary *m = *pm;
     AVDictionaryEntry *tag = av_dict_get(m, key, NULL, flags);
     char *oldval = NULL;
+    int allocated = !!m;
 
     if (!m)
         m = *pm = av_mallocz(sizeof(*m));
+    if (!m)
+        return AVERROR(ENOMEM);
 
     if (tag) {
         if (flags & AV_DICT_DONT_OVERWRITE) {
@@ -88,12 +91,14 @@ int av_dict_set(AVDictionary **pm, const char *key, const char *value,
         av_free(tag->key);
         *tag = m->elems[--m->count];
     } else {
-        AVDictionaryEntry *tmp = av_realloc(m->elems,
-                                            (m->count + 1) * sizeof(*m->elems));
-        if (tmp)
-            m->elems = tmp;
-        else
-            return AVERROR(ENOMEM);
+        int ret = av_reallocp_array(&m->elems,
+                                    m->count + 1, sizeof(*m->elems));
+        if (ret < 0) {
+            if (allocated)
+                av_freep(pm);
+
+            return ret;
+        }
     }
     if (value) {
         if (flags & AV_DICT_DONT_STRDUP_KEY)