From c4d63dbc9417ddf77f6e33f6144b23da7e97cb3b Mon Sep 17 00:00:00 2001
From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Date: Mon, 7 Feb 2022 11:44:53 +0800
Subject: avcodec/vp6: return value check for av_mallocz

As the potential failure of the av_mallocz(), the 's->alpha_context'
could be NULL and be dereferenced later.
Therefore, it should be better to check it and deal with it if fails
in order to prevent memory leak, same as the av_frame_alloc() in
ff_vp56_init().

Fixes: 39a3894ad5 ("lavc/vp6: Implement "slice" threading for VP6A decode")
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
---
 libavcodec/vp6.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'libavcodec/vp6.c')

diff --git a/libavcodec/vp6.c b/libavcodec/vp6.c
index d024370793..d75e717082 100644
--- a/libavcodec/vp6.c
+++ b/libavcodec/vp6.c
@@ -653,6 +653,10 @@ static av_cold int vp6_decode_init(AVCodecContext *avctx)
 
     if (s->has_alpha) {
         s->alpha_context = av_mallocz(sizeof(VP56Context));
+        if (!s->alpha_context) {
+            ff_vp56_free(avctx);
+            return AVERROR(ENOMEM);
+        }
         ff_vp56_init_context(avctx, s->alpha_context,
                              s->flip == -1, s->has_alpha);
         ff_vp6dsp_init(&s->alpha_context->vp56dsp);
-- 
cgit v1.2.3