libavfilter: guard against ff_draw_init/ff_draw_init2 failures

The return value of ff_draw_init and ff_draw_init2 are not checked in
most usages. However, if they return an error, they don't get to the
point where they set the attributes of the FFDrawContext. These
functions are typically used in conjunction with ff_draw_color, which
checks draw->desc->flags, causing a null pointer dereference.

Signed-off-by: Nil Fons Miret <[email protected]>
Signed-off-by: Michael Niedermayer <[email protected]>

1 files changed, 5 insertions, 1 deletions

diff --git a/libavfilter/vf_stack.c b/libavfilter/vf_stack.c
index 937b87305f..fa202ee0cc 100644
--- a/libavfilter/vf_stack.c
+++ b/libavfilter/vf_stack.c
@@ -312,7 +312,11 @@ static int config_output(AVFilterLink *outlink)
 
         if (s->fillcolor_enable) {
             const AVFilterLink *inlink = ctx->inputs[0];
-            ff_draw_init2(&s->draw, inlink->format, inlink->colorspace, inlink->color_range, 0);
+            ret = ff_draw_init2(&s->draw, inlink->format, inlink->colorspace, inlink->color_range, 0);
+            if (ret < 0) {
+                av_log(ctx, AV_LOG_ERROR, "Failed to initialize FFDrawContext\n");
+                return ret;
+            }
             ff_draw_color(&s->draw, &s->color, s->fillcolor);
         }