admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

VP8DecoderImpl: Fix uninitialized memory crash

Browse Source 
It is not safe to call vpx_codec_destroy if vpx_codec_dec_init failed,
because the |decoder_| memory will be uninitialized. See the bug for
more info.

BUG=chromium:663293

Review-Url: https://codereview.webrtc.org/2541163007
Cr-Commit-Position: refs/heads/master@{#15381}
This commit is contained in:
magjed 2016-12-02 02:46:18 -08:00 committed by Commit bot
parent 00bceb1eda
commit 5c71166dff
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
webrtc/modules/video_coding/codecs/vp8/vp8_impl.cc
View File

@ -1022,6 +1022,7 @@ int VP8DecoderImpl::InitDecode(const VideoCodec* inst, int number_of_cores) {
}
if (decoder_ == NULL) {
decoder_ = new vpx_codec_ctx_t;
memset(decoder_, 0, sizeof(*decoder_));
}
if (inst && inst->codecType == kVideoCodecVP8) {
feedback_mode_ = inst->VP8().feedbackModeOn;
@ -1038,6 +1039,8 @@ int VP8DecoderImpl::InitDecode(const VideoCodec* inst, int number_of_cores) {
#endif
if (vpx_codec_dec_init(decoder_, vpx_codec_vp8_dx(), &cfg, flags)) {
delete decoder_;
decoder_ = nullptr;
return WEBRTC_VIDEO_CODEC_MEMORY;
}