As the potential failure of the av_mallocz(), the 's->alpha_context' could be NULL and be dereferenced later. Therefore, it should be better to check it and deal with it if fails in order to prevent memory leak, same as the av_frame_alloc() in ff_vp56_init().
Fixes: 39a3894ad5 ("lavc/vp6: Implement "slice" threading for VP6A decode") Signed-off-by: Jiasheng Jiang <jiash...@iscas.ac.cn> --- libavcodec/vp6.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libavcodec/vp6.c b/libavcodec/vp6.c index d024370793..d75e717082 100644 --- a/libavcodec/vp6.c +++ b/libavcodec/vp6.c @@ -653,6 +653,10 @@ static av_cold int vp6_decode_init(AVCodecContext *avctx) if (s->has_alpha) { s->alpha_context = av_mallocz(sizeof(VP56Context)); + if (!s->alpha_context) { + ff_vp56_free(avctx); + return AVERROR(ENOMEM); + } ff_vp56_init_context(avctx, s->alpha_context, s->flip == -1, s->has_alpha); ff_vp6dsp_init(&s->alpha_context->vp56dsp); -- 2.25.1 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".