FFmpeg’s zmqsend tool contains a memory leak vulnerability. After calling av_bprint_finalize(&src, &src_buf), the program fails to free the returned heap buffer before exiting. When similar logic is reused in long-lived processes or loop-based workflows, the issue can cause continuously increasing memory usage and may eventually lead to crashes, service outages, or complete resource exhaustion.
Memory Leak, CWE-401: Missing Release of Memory after Effective Lifetime
FFmpeg Project (FFmpeg)
FFmpeg <= 8.0.1 (released on 2025-11-20)
main() function in tools/zmqsend.c
Local. An attacker needs the ability to execute the zmqsend tool and provide input that triggers allocation of the src_buf heap buffer. If the logic is integrated into a long-lived process, a repeated job, or a service component, the unreleased memory may accumulate continuously.
FFmpeg’s zmqsend tool (source file: tools/zmqsend.c) contains an incomplete memory cleanup issue. Specifically, after the program calls:
av_bprint_finalize(&src, &src_buf);
it obtains a heap-allocated buffer src_buf. However, on subsequent execution paths, this buffer is not explicitly freed before the program terminates, resulting in a memory leak.
This issue is a typical resource lifetime management flaw, where allocated memory is not released after it is no longer needed. For short-lived standalone command-line invocations, the leaked memory is usually reclaimed by the operating system when the process exits; however, if the logic is reused in a long-running program or placed in a loop, the leak can accumulate over time and lead to stability problems.
Free the heap buffer explicitly after it is no longer needed, preferably in a unified cleanup path before exiting. For example:
av_freep(&src_buf);
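The following added example (not FFmpeg code and not part of the original advisory) reproduces the ownership pattern with stand-ins so it builds without libavutil, and counts outstanding buffers when the leaky and the fixed variants run in a loop. The names finalize, release, send_msg, run_leaky, run_fixed and leaked_after are hypothetical, and the input strings are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Stand-ins (assumptions, not FFmpeg code): finalize() hands the caller a heap
 * string it must release, as av_bprint_finalize() does; live_allocs counts
 * buffers not yet released; send_msg() rejects empty input (error path). */
static long live_allocs;
static int finalize(const char *data, char **out)
{
    size_t n = strlen(data) + 1;
    if (!(*out = malloc(n))) return -1;
    live_allocs++;
    memcpy(*out, data, n);
    return 0;
}
static void release(char **p) { if (*p) { free(*p); live_allocs--; } *p = NULL; }
static int send_msg(const char *buf) { return buf[0] ? 0 : -1; }

/* Pattern from the advisory: no return path releases src_buf. */
static int run_leaky(const char *input)
{
    char *src_buf = NULL;
    if (finalize(input, &src_buf) < 0 || send_msg(src_buf) < 0) return 1;
    return 0;
}

/* Fixed: success and failure both reach the single cleanup point. */
static int run_fixed(const char *input)
{
    char *src_buf = NULL;
    int ret = 1;
    if (finalize(input, &src_buf) == 0 && send_msg(src_buf) == 0)
        ret = 0;
    release(&src_buf);
    return ret;
}

/* Buffers still outstanding after calling fn `rounds` times in a loop. */
static long leaked_after(int (*fn)(const char *), const char *in, int rounds)
{
    long before = live_allocs;
    for (int i = 0; i < rounds; i++) fn(in);
    return live_allocs - before;
}

int main(void)
{
    printf("leaky: %ld outstanding\n", leaked_after(run_leaky, "constructed cmd", 1000));
    printf("fixed: %ld outstanding\n", leaked_after(run_fixed, "constructed cmd", 1000));
    return 0;
}
```

Building the real tool with -fsanitize=address (LeakSanitizer) is the usual way to confirm that a patched cleanup path releases src_buf on every exit.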