avutil/frame: Copy size=0 side data in ff_init_buffer_info()

Fixes null pointer dereference Fixes: 189/FOO Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

avutil/frame: Copy size=0 side data in ff_init_buffer_info()
Fixes null pointer dereference Fixes: 189/FOO Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
2acee08a · Michael Niedermayer · 3c0328d5 · 2acee08a
Commit 2acee08a authored Nov 16, 2016 by Michael Niedermayer
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

frame.c libavutil/frame.c +2 -0

No files found.
--- a/libavutil/frame.c
+++ b/libavutil/frame.c
@@ -349,6 +349,7 @@ FF_ENABLE_DEPRECATION_WARNINGS
                wipe_side_data(dst);
                return AVERROR(ENOMEM);
            }
+            if (sd_src->buf) {
            sd_dst->buf = av_buffer_ref(sd_src->buf);
            if (!sd_dst->buf) {
                wipe_side_data(dst);
@@ -356,6 +357,7 @@ FF_ENABLE_DEPRECATION_WARNINGS
            }
            sd_dst->data = sd_dst->buf->data;
            sd_dst->size = sd_dst->buf->size;
+            }
        }
        av_dict_copy(&sd_dst->metadata, sd_src->metadata, 0);
    }