[FFmpeg-devel] [PATCH] av_malloc() workaround for QNX platform

Mike Gorchak mike.gorchak.qnx at gmail.com
Thu Feb 7 16:33:15 CET 2013

> I looked through the memalign hack code, and it seems to work as expected.
> If ptr returned by malloc is already aligned, diff will equal ALIGN,
> and the returned pointer is advanced by ALIGN, and there is plenty of
> space to write the diff.

Here is a step-by-step sample:

    ptr = malloc(size + ALIGN);

Let's say: ptr = 0x0000FE0, which is 32-byte aligned, and size is also 32 bytes.

    diff              = ((~(long)ptr)&(ALIGN - 1)) + 1;

Let's calculate diff manually: diff = (0xFFFF01F & 0x0000001F) + 1, so diff = 0x00000020 (32)

    ptr               = (char *)ptr + diff;

ptr = 0x0000FE0 + 0x00000020 = 0x00010000

So ptr now points beyond the allocated memory. I was wrong that the
problem is with the [-1] write; it is a problem with the returned pointer.
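The arithmetic of the memalign hack discussed in this thread can be checked for every possible base alignment rather than a single hand-worked case. The following is an added example written for this page, not code from FFmpeg or from anyone in the thread; the function names hack_offset, hack_fits, aligned_base_result and hack_roundtrip are invented, and ALIGN is fixed at 32 as in the discussion.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define ALIGN 32

/* Same expression as the one quoted in the thread, applied to a raw base
 * address so all ALIGN residues can be examined without calling malloc.
 * Result is in 1..ALIGN, never 0, so the byte at [-1] is always inside
 * the (size + ALIGN) block returned by malloc. */
uintptr_t hack_offset(uintptr_t base)
{
    return ((~(long)base) & (ALIGN - 1)) + 1;
}

/* For a block of (size + ALIGN) bytes starting at base, report whether the
 * pointer produced by the hack is aligned, leaves room for the diff byte,
 * and keeps the whole [ptr, ptr + size) range inside the allocation. */
int hack_fits(uintptr_t base, size_t size)
{
    uintptr_t diff = hack_offset(base);
    uintptr_t ptr  = base + diff;
    return (ptr % ALIGN) == 0 && diff >= 1 && diff <= ALIGN
        && ptr + size <= base + size + ALIGN;
}

/* The worked case from the mail: base 0xFE0, already 32-byte aligned. */
uintptr_t aligned_base_result(void)
{
    return 0xFE0 + hack_offset(0xFE0);
}

/* Real allocation: apply the hack, store diff in [-1], fill the requested
 * size, then recover the original pointer from [-1] for free(). */
int hack_roundtrip(size_t size)
{
    char *raw = malloc(size + ALIGN);
    if (!raw)
        return 0;
    uintptr_t diff = hack_offset((uintptr_t)raw);
    char *ptr = raw + diff;
    ptr[-1] = (char)diff;            /* diff <= 32, fits in one byte */
    memset(ptr, 0xAB, size);         /* every requested byte is writable */
    int ok = ((uintptr_t)ptr % ALIGN) == 0 && (unsigned char)ptr[-1] == diff;
    free(ptr - (unsigned char)ptr[-1]);
    return ok;
}
```

Running hack_fits over all 32 residues of the base address shows which cases, if any, push the returned range past the end of the block.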
