[Ffmpeg-devel] [BUG][PATCH] double free in libavformat/utils.c/av_destruct_packet()
Benjamin Larsson
banan
Wed Jan 4 16:20:24 CET 2006
Wolfram Gloger wrote:
>...
>
>
>>http://tranquillity.campus.luth.se/~banan/vids/ra10cook.rmvb
>>
>>Triggers this bug, my latest cook fixes are needed also. Attached patch
>>seams to fix that, I tried with av_freep but valgrind complained.
>>
>>
>
>
>
>>--- libavformat/utils.c 22 Dec 2005 01:10:11 -0000 1.172
>>+++ libavformat/utils.c 4 Jan 2006 12:37:30 -0000
>>@@ -178,7 +178,8 @@
>> */
>> void av_destruct_packet(AVPacket *pkt)
>> {
>>- av_free(pkt->data);
>>+ if (!pkt->data)
>>+ av_free(pkt->data);
>> pkt->data = NULL; pkt->size = 0;
>> }
>>
>>
>
>Aehem, this patch cannot possibly be correct (huge memory leaks would
>result), you're not proposing this patch but just trying to outline
>what the problem is, right?
>
>Regards,
>Wolfram.
>
>
>
Um, yeah you're right, I thought it was a NULL pointer problem but I
inverted the logic.
I guess it's a problem with the rm demuxer then.
MvH
Benjamin Larsson
--
"incorrect information" is an oxymoron. Information is, by definition, factual, correct.
More information about the ffmpeg-devel
mailing list