[FFmpeg-devel] [PATCH] mxfdec: fix double free

Michael Niedermayer michaelni at gmx.at
Tue Dec 11 16:42:51 CET 2012


On Tue, Dec 11, 2012 at 01:19:49PM +0100, Tomas Härdin wrote:
> On Sun, 2012-12-09 at 19:29 +0100, Michael Niedermayer wrote:
> > On Sun, Dec 09, 2012 at 06:55:57PM +0100, Tomas Härdin wrote:
> > > Future patch idea: check that extradata hasn't already been parsed when
> > > parsing the descriptor. That would avoid a potential memory leak.
> > 
> > something like this: ?
> > 
> > diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
> > index a1884f1..7af9193 100644
> > --- a/libavformat/mxfdec.c
> > +++ b/libavformat/mxfdec.c
> > @@ -866,6 +866,10 @@ static int mxf_read_generic_descriptor(void *arg, AVIOContext *pb, int tag, int
> >      default:
> >          /* Private uid used by SONY C0023S01.mxf */
> >          if (IS_KLV_KEY(uid, mxf_sony_mpeg4_extradata)) {
> > +            if (descriptor->extradata)
> > +                av_log(NULL, AV_LOG_WARNING, "Duplicate sony_mpeg4_extradata\n");
> > +            av_free(descriptor->extradata);
> > +            descriptor->extradata_size = 0;
> >              descriptor->extradata = av_malloc(size + FF_INPUT_BUFFER_PADDING_SIZE);
> >              if (!descriptor->extradata)
> >                  return AVERROR(ENOMEM);
> 
> Yeah, that looks fine. Btw, FF_INPUT_BUFFER_PADDING_SIZE can be dropped
> since the padding is done in mxf_parse_structural_metadata() now.

applied and droped

thanks

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I know you won't believe me, but the highest form of Human Excellence is
to question oneself and others. -- Socrates
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20121211/2bae179f/attachment.asc>


More information about the ffmpeg-devel mailing list