From c35e456f54d6c59ea62b18ce5b273da67c60903c Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sat, 2 Jan 2021 00:36:39 +0100
Subject: avformat/mvdec: Allocate extradata only once

Fixes: memleak
Fixes: 28686/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5822961932173312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/mvdec.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'libavformat')

diff --git a/libavformat/mvdec.c b/libavformat/mvdec.c
index f1f73e51f9..2aef93a735 100644
--- a/libavformat/mvdec.c
+++ b/libavformat/mvdec.c
@@ -213,10 +213,12 @@ static int parse_video_var(AVFormatContext *avctx, AVStream *st,
         st->codecpar->width = var_read_int(pb, size);
     } else if (!strcmp(name, "ORIENTATION")) {
         if (var_read_int(pb, size) == 1101) {
-            st->codecpar->extradata      = av_strdup("BottomUp");
-            if (!st->codecpar->extradata)
-                return AVERROR(ENOMEM);
-            st->codecpar->extradata_size = 9;
+            if (!st->codecpar->extradata) {
+                st->codecpar->extradata = av_strdup("BottomUp");
+                if (!st->codecpar->extradata)
+                    return AVERROR(ENOMEM);
+                st->codecpar->extradata_size = 9;
+            }
         }
     } else if (!strcmp(name, "Q_SPATIAL") || !strcmp(name, "Q_TEMPORAL")) {
         var_read_metadata(avctx, name, size);
-- 
cgit v1.2.3