[Ffmpeg-devel] [PATCH] av_realloc, unneccesary memcpy and possibly leaks after r5992

Hervé W. H.O.W.aka.V+ffmpeg
Sun Aug 13 15:59:54 CEST 2006


Hi,

in libavutil/mem.c after r5992:
> #ifndef MEMALIGN_HACK
>     ptr= realloc(ptr, size);

"If realloc() fails the original block is left untouched - it is not
freed or moved"
according to: http://man.he.net/man3/realloc
(and possibly others)
fixed in: " inputdata disappeared even after failed realloc.diff "

>     if(((int)ptr&15) || !ptr)

if ((int)ptr&15) is "true", then ptr is unaligned and the data should
be moved, not returned. And aligned memory was memcpy'd .
fixed in: " aligned memory was moved anyway.diff "
(and in: "inputdata disappeared even after failed realloc.diff " )

>         return ptr;
> #endif
>
>     ptr2= av_malloc(size);
>     if(ptr && ptr2)
>         memcpy(ptr2, ptr, size);
>     av_free(ptr);

if ptr2 was NULL, av_free is still called, which in my opinion breaks
unnecessarily with "If realloc() fails the original block is left
untouched - it is not freed or moved"
fixed in: " inputdata disappeared even after failed realloc (part2).diff "

>     return ptr2;
> }

Thanks for your attention,
-V
-------------- next part --------------
Index: libavutil/mem.c
===================================================================
--- libavutil/mem.c	(revision 5994)
+++ libavutil/mem.c	(working copy)
@@ -109,7 +109,7 @@
 
 #ifndef MEMALIGN_HACK
     ptr= realloc(ptr, size);
-    if(((int)ptr&15) || !ptr)
+    if( !((int)ptr&15) || !ptr)
         return ptr;
 #endif
 
-------------- next part --------------
Index: libavutil/mem.c
===================================================================
--- libavutil/mem.c	(revision 5994)
+++ libavutil/mem.c	(working copy)
@@ -108,9 +108,10 @@
         return NULL;
 
 #ifndef MEMALIGN_HACK
-    ptr= realloc(ptr, size);
-    if(((int)ptr&15) || !ptr)
-        return ptr;
+    ptr2= realloc(ptr, size);
+    if( !((int)ptr2&15) || !ptr2)
+        return ptr2;
+    ptr = ptr2;
 #endif
 
     ptr2= av_malloc(size);
-------------- next part --------------
Index: libavutil/mem.c
===================================================================
--- libavutil/mem.c	(revision 5994)
+++ libavutil/mem.c	(working copy)
@@ -115,8 +115,10 @@
 
     ptr2= av_malloc(size);
     if(ptr && ptr2)
+    {
         memcpy(ptr2, ptr, size);
-    av_free(ptr);
+        av_free(ptr);
+    }
 
     return ptr2;
 }



More information about the ffmpeg-devel mailing list