A resource leak vulnerability exists in FFmpeg’s zmqsend tool. When an input file is specified via the -i option, the program opens the file but fails to properly close the file handle before exiting. In high-frequency invocation scenarios or when the code is reused in long-lived processes, this issue may exhaust file descriptors and ultimately lead to a denial of service (DoS).
Resource Leak (CWE-772: Missing Release of Resource after Effective Lifetime)
FFmpeg Project (FFmpeg)
FFmpeg ≤ 8.0.1 (released on 2025-11-20)
main() in tools/zmqsend.c
Local. An attacker needs the ability to run the zmqsend tool in the target environment and repeatedly specify an input file via -i INFILE (e.g., in scripts, loops, scheduled tasks, or service-like wrappers that reuse this functionality). As unclosed file handles accumulate, the system’s file descriptor resources may be exhausted, causing a denial of service (DoS).
The FFmpeg zmqsend tool (source: tools/zmqsend.c) fails to correctly release a resource. Specifically, when an input file is provided using the -i option, the program opens the file with fopen(), for example:
    infile = fopen(infilename, "r");
However, in the subsequent execution flow, this file handle is not explicitly closed before the program terminates. If the tool is invoked frequently, or if the relevant code path is reused in a long-lived process, this defect can cause file descriptors to remain allocated, eventually exhausting available file descriptors and potentially resulting in a denial of service (DoS).
This issue is fundamentally a resource lifetime management problem: the resource is not released after it is no longer needed, gradually reducing available system resources over time.
Ensure that any input file opened via fopen() is explicitly closed in a unified cleanup path before program exit. For example, add logic similar to:
    if (infile && infile != stdin) {
        fclose(infile);
    }
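The long-lived-process case described above can be measured directly. The following is an added example, not code from FFmpeg or from this advisory: run_once(), count_open_fds() and leaked_fds() are hypothetical names, /dev/null stands in for the -i INFILE argument, and a POSIX system is assumed. It repeats the open pattern in one process with and without the cleanup shown above and counts the descriptors left open.

```c
/* Added example: mirrors the -i INFILE open pattern described for
   tools/zmqsend.c. Not FFmpeg code; all names here are hypothetical. */
#include <fcntl.h>
#include <stdio.h>

/* Count descriptors currently open in this process (scans 0..1023). */
static int count_open_fds(void)
{
    int n = 0;
    for (int fd = 0; fd < 1024; fd++)
        if (fcntl(fd, F_GETFD) != -1)
            n++;
    return n;
}

/* One "invocation": open the input, touch it, then either return
   directly (the leak) or close it first (the suggested cleanup). */
static int run_once(const char *infilename, int with_cleanup)
{
    FILE *infile = stdin;
    int ret = 0;
    if (infilename) {
        infile = fopen(infilename, "r");
        if (!infile)
            return 1;
    }
    if (fgetc(infile) == EOF && ferror(infile))
        ret = 1;
    if (with_cleanup && infile && infile != stdin)
        fclose(infile);
    return ret;
}

/* Descriptors left open after `calls` invocations in one process. */
static int leaked_fds(int calls, int with_cleanup)
{
    int before = count_open_fds();
    for (int i = 0; i < calls; i++)
        run_once("/dev/null", with_cleanup); /* constructed sample input */
    return count_open_fds() - before;
}

int main(void)
{
    printf("without cleanup: %d leaked\n", leaked_fds(50, 0));
    printf("with cleanup:    %d leaked\n", leaked_fds(50, 1));
    return 0;
}
```

Watching the same count for a wrapper process (for example through /proc/PID/fd on Linux) is a practical way to confirm whether a deployment that reuses this code path is accumulating descriptors.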