Hey there, I think there is a bug in av_open_input_stream when avformat_open_input fails. Only ic is set to NULL, but *ic_ptr is left unchanged in this case. Some applications using the old API (e.g. VLC) then try to free the AVFormatContext with av_close_input_stream, which has already been freed by avformat_open_input, and segfault.
David
>From 9583c906d2c6a8e309fb568f294427ef52b96939 Mon Sep 17 00:00:00 2001 From: David Goldwich <[email protected]> Date: Sat, 17 Sep 2011 13:50:35 +0200 Subject: [PATCH] lavf: Fix context pointer in av_open_input_stream when avformat_open_input fails Signed-off-by: David Goldwich <[email protected]> --- libavformat/utils.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/libavformat/utils.c b/libavformat/utils.c index ae71763..05d4fda 100644 --- a/libavformat/utils.c +++ b/libavformat/utils.c @@ -470,8 +470,8 @@ int av_open_input_stream(AVFormatContext **ic_ptr, goto fail; ic->pb = ic->pb ? ic->pb : pb; // don't leak custom pb if it wasn't set above - *ic_ptr = ic; fail: + *ic_ptr = ic; av_dict_free(&opts); return err; } -- 1.7.4.4
_______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
