From 21a2fb7e0579703fdea96f659498ef8b1f243289 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Tue, 31 Dec 2013 15:18:47 +0100
Subject: [PATCH] avcodec/hevc: clear HEVClc when its deallocated in hevc_decode_free()
Fixes reading freed memory
Fixes: asan_heap-uaf_1abf8ef_3987_NUT_A_ericsson_4.bit
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer
---
 libavcodec/hevc.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/libavcodec/hevc.c b/libavcodec/hevc.c
index 55328b35e4..2f33d1d8a0 100644
--- a/libavcodec/hevc.c
+++ b/libavcodec/hevc.c
@@ -2728,6 +2728,8 @@ static av_cold int hevc_decode_free(AVCodecContext *avctx)
 av_freep(&s->sList[i]);
 }
 }
+ if (s->HEVClc == s->HEVClcList[0])
+ s->HEVClc = NULL;
 av_freep(&s->HEVClcList[0]);
 for (i = 0; i < s->nals_allocated; i++)
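Review bot: The two added lines in hevc_decode_free() have no comment explaining that the comparison must stay ahead of `av_freep(&s->HEVClcList[0])`. av_freep() NULLs the list slot, so a later reorder would compare against NULL and leave `s->HEVClc` dangling again. I would add `/* HEVClc may alias HEVClcList[0]; drop the alias before the slot is freed and NULLed so no stale pointer survives */` above the `if`. The guard covers only index 0, and the loop that frees the `sList[i]` entries starts outside this hunk, so it is worth confirming that no context keeps an `HEVClc` pointing at another freed list entry. Code that runs after hevc_decode_free() should also be checked to tolerate `s->HEVClc == NULL`.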