Message ID | 20190919030934.12883-1-jamrial@gmail.com |
---|---|
State | Accepted |
Commit | bae8844e35147f92e612a9e0b44e939a293e5bc9 |
Headers | show |
James Almer: > Demuxers may have allocated a packet before encountering an error and aborting. > > Fixes ticket #8150 > > Signed-off-by: James Almer <jamrial@gmail.com> > --- > It may also fix other tickets as well, since i recall seeing other reports about > leaks in ff_read_packet() on malformed input in the past, but i can't remember > which. > > libavformat/utils.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/libavformat/utils.c b/libavformat/utils.c > index 3983a3f4ce..215cbe6df8 100644 > --- a/libavformat/utils.c > +++ b/libavformat/utils.c > @@ -854,6 +854,8 @@ int ff_read_packet(AVFormatContext *s, AVPacket *pkt) > av_init_packet(pkt); > ret = s->iformat->read_packet(s, pkt); > if (ret < 0) { > + av_packet_unref(pkt); > + > /* Some demuxers return FFERROR_REDO when they consume > data and discard it (ignored streams, junk, extradata). > We must re-call the demuxer to get the real packet. */ > Hello, you should take a look at this patchset [1]. The first patch of it deals with other potential memleaks in ff_read_packet. I have incorporated your patch as second patch. The rest of the patchset mainly deals with resetting the packet when putting it on a packet list (i.e. with your TODO in ff_packet_list_put). - Andreas [1]: https://ffmpeg.org/pipermail/ffmpeg-devel/2019-September/250229.html
diff --git a/libavformat/utils.c b/libavformat/utils.c index 3983a3f4ce..215cbe6df8 100644 --- a/libavformat/utils.c +++ b/libavformat/utils.c @@ -854,6 +854,8 @@ int ff_read_packet(AVFormatContext *s, AVPacket *pkt) av_init_packet(pkt); ret = s->iformat->read_packet(s, pkt); if (ret < 0) { + av_packet_unref(pkt); + /* Some demuxers return FFERROR_REDO when they consume data and discard it (ignored streams, junk, extradata). We must re-call the demuxer to get the real packet. */
Demuxers may have allocated a packet before encountering an error and aborting. Fixes ticket #8150 Signed-off-by: James Almer <jamrial@gmail.com> --- It may also fix other tickets as well, since i recall seeing other reports about leaks in ff_read_packet() on malformed input in the past, but i can't remember which. libavformat/utils.c | 2 ++ 1 file changed, 2 insertions(+)