[FFmpeg-devel] [PATCH 2/4] avfilter/asrc_sinc: fix leak in config_input()

Michael Niedermayer michael at niedermayer.cc
Sat Jun 28 02:04:28 EEST 2025 

On Wed, Jun 25, 2025 at 09:43:14AM +0800, ld y wrote:
> Michael Niedermayer <michael at niedermayer.cc> writes:
> 
> > doesnt the failure path here need the free too ?
> >         int ret = fir_to_phase(s, &h[longer], &n, &post_peak, s->phase);
> >         if (ret < 0)
> >             return ret;
> >
> 
> I checked fir_to_phase() and found that the only place it allocates memory
> in
> h[longer] is vis
>     *h = av_realloc_f();
> 
> If fir_to_phase() failed after this allocations, then *h must be NULL,
> which implies that av_realloc_f() failed. In that case, we don't need to
> av_free(h[longer]). However, I still need to double check other allocation
> site
> in case we need to free more memory.

failure of av_tx_init() with your patch results in a leak:

==3653806== 1,260 bytes in 1 blocks are definitely lost in loss record 6 of 14
==3653806==    at 0x483E0F0: memalign (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==3653806==    by 0x483E212: posix_memalign (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==3653806==    by 0x148AE90: av_malloc (mem.c:107)
==3653806==    by 0x148B2A4: av_mallocz (mem.c:258)
==3653806==    by 0x148B31B: av_calloc (mem.c:269)
==3653806==    by 0x2AD864: make_lpf (asrc_sinc.c:101)
==3653806==    by 0x2AE052: lpf (asrc_sinc.c:183)
==3653806==    by 0x2AEFD4: config_output (asrc_sinc.c:344)
==3653806==    by 0x2DD0C6: ff_filter_config_links (avfilter.c:384)
==3653806==    by 0x2E0FBD: graph_config_links (avfiltergraph.c:255)
==3653806==    by 0x2E4DFA: avfilter_graph_config (avfiltergraph.c:1303)
==3653806==    by 0x297A39: lavfi_read_header (lavfi.c:282)
==3653806==    by 0x667DF2: avformat_open_input (demux.c:309)
==3653806==    by 0x2512DD: ifile_open (ffmpeg_demux.c:1773)
==3653806==    by 0x272B02: open_files (ffmpeg_opt.c:1366)
==3653806==    by 0x272D72: ffmpeg_parse_options (ffmpeg_opt.c:1415)
==3653806==    by 0x292489: main (ffmpeg.c:991)


[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Breaking DRM is a little like attempting to break through a door even
though the window is wide open and the only thing in the house is a bunch
of things you dont want and which you would get tomorrow for free anyway
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20250628/8a45462f/attachment.sig>

More information about the ffmpeg-devel mailing list