[FFmpeg-devel] [PATCH 5/9] lavf/oggdec: rework allocations in ogg_new_streams().
Clément Bœsch
ubitux at gmail.com
Sat Sep 15 02:10:38 CEST 2012
On Sat, Sep 15, 2012 at 01:30:09AM +0200, Reimar Döffinger wrote:
> On Sat, Sep 15, 2012 at 01:20:44AM +0200, Clément Bœsch wrote:
> > ---
> > libavformat/oggdec.c | 8 ++++++--
> > 1 file changed, 6 insertions(+), 2 deletions(-)
> >
> > diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
> > index 05aeddd..451e392 100644
> > --- a/libavformat/oggdec.c
> > +++ b/libavformat/oggdec.c
> > @@ -169,14 +169,18 @@ static int ogg_new_stream(AVFormatContext *s, uint32_t serial, int new_avstream)
> > AVStream *st;
> > struct ogg_stream *os;
> >
> > - ogg->streams = av_realloc (ogg->streams,
> > - ogg->nstreams * sizeof (*ogg->streams));
> > + ogg->streams = av_realloc_f(ogg->streams, ogg->nstreams,
> > + sizeof(*ogg->streams));
> > + if (!ogg->streams)
> > + return AVERROR(ENOMEM);
> > memset (ogg->streams + idx, 0, sizeof (*ogg->streams));
> > os = ogg->streams + idx;
> > os->serial = serial;
> > os->bufsize = DECODER_BUFFER_SIZE;
> > os->buf = av_malloc(os->bufsize + FF_INPUT_BUFFER_PADDING_SIZE);
> > os->header = -1;
> > + if (!os->buf)
> > + return AVERROR(ENOMEM);
>
> I don't think nstreams should be incremented in the failure case?
> Also the realloc is not fully correct, it will still leak memory on
> failure (sorry if some later patch addresses this, just going through in
> order)
You're totally right, and no worry, no later patch addresses this problem.
The new attached patch should be better.
--
Clément B.
-------------- next part --------------
From 3208fa20e4674f1c383aa62eaefa388d8a10d26b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20B=C5=93sch?= <ubitux at gmail.com>
Date: Fri, 14 Sep 2012 23:51:30 +0200
Subject: [PATCH 5/9] lavf/oggdec: rework allocations in ogg_new_streams().
---
libavformat/oggdec.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
index 05aeddd..fbc35dd 100644
--- a/libavformat/oggdec.c
+++ b/libavformat/oggdec.c
@@ -165,18 +165,24 @@ static int ogg_new_stream(AVFormatContext *s, uint32_t serial, int new_avstream)
{
struct ogg *ogg = s->priv_data;
- int idx = ogg->nstreams++;
+ int idx = ogg->nstreams;
AVStream *st;
struct ogg_stream *os;
+ size_t size;
- ogg->streams = av_realloc (ogg->streams,
- ogg->nstreams * sizeof (*ogg->streams));
+ if (av_size_mult(ogg->nstreams + 1, sizeof(*ogg->streams), &size) < 0 ||
+ !(os = av_realloc(ogg->streams, size)))
+ return AVERROR(ENOMEM);
+ ogg->streams = os;
+ ogg->nstreams++;
memset (ogg->streams + idx, 0, sizeof (*ogg->streams));
os = ogg->streams + idx;
os->serial = serial;
os->bufsize = DECODER_BUFFER_SIZE;
os->buf = av_malloc(os->bufsize + FF_INPUT_BUFFER_PADDING_SIZE);
os->header = -1;
+ if (!os->buf)
+ return AVERROR(ENOMEM);
if (new_avstream) {
st = avformat_new_stream(s, NULL);
--
1.7.12
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20120915/bcb25e45/attachment.asc>
More information about the ffmpeg-devel
mailing list