Commit b735b80b authored by Janne Grunau's avatar Janne Grunau

frame-mt: output delayed frames as soon as possible

c->out can hold a valid picture on bitstream errors after 4903d87b
when frame multi-threading is used. Output this picture instead of
returning the return value of dav1d_parse_obus().

Fixes `assert(dst->data[0] == ((void*)0));` in dav1d_picture_ref with
clusterfuzz-testcase-minimized-dav1d_fuzzer_mt-5743306491822080. Also
fixes a memory leak of frames with
clusterfuzz-testcase-minimized-dav1d_fuzzer_mt-5655593017147392. Credits
to oss-fuzz.
parent 18ab22b6
......@@ -315,17 +315,19 @@ int dav1d_get_picture(Dav1dContext *const c, Dav1dPicture *const out)
while (in->sz > 0) {
if ((res = dav1d_parse_obus(c, in, 0)) < 0) {
res = dav1d_parse_obus(c, in, 0);
if (res < 0) {
return res;
} else {
assert((size_t)res <= in->sz);
in->sz -= res;
in->data += res;
if (!in->sz) dav1d_data_unref(in);
if (c->[0])
if (res < 0)
return res;
if (c->[0])
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment