diff mbox

[FFmpeg-devel,2/2] avformat/oggdec: Fix metadata memleak on multiple headers

Message ID 20180306215623.26344-2-michael@niedermayer.cc
State Accepted
Commit da069e9c68ec1a54e618940dcb9ebae9bf179a32
Headers show

Commit Message

Michael Niedermayer March 6, 2018, 9:56 p.m. UTC 
Fixes: Chromium bug 800123
Reported-by: Matt Wolenetz <wolenetz@google.com>
Reviewed-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/oggdec.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

Matt Wolenetz March 7, 2018, 6:09 p.m. UTC | #1 
Friendly ping. I'd like to not have to land this in Chromium before
upstream ffmpeg, but I may need to soon.

On Tue, Mar 6, 2018 at 1:56 PM, Michael Niedermayer <michael@niedermayer.cc>
wrote:

> Fixes: Chromium bug 800123
> Reported-by: Matt Wolenetz <wolenetz@google.com>
> Reviewed-by: Matt Wolenetz <wolenetz@google.com>
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavformat/oggdec.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
> index 38f60653f9..27d16a3e4e 100644
> --- a/libavformat/oggdec.c
> +++ b/libavformat/oggdec.c
> @@ -128,7 +128,10 @@ static int ogg_restore(AVFormatContext *s)
>      ogg->state = ost->next;
>
>          for (i = 0; i < ogg->nstreams; i++) {
> -            av_freep(&ogg->streams[i].buf);
> +            struct ogg_stream *stream = &ogg->streams[i];
> +            av_freep(&stream->buf);
> +            av_freep(&stream->new_metadata);
> +
>              if (i >= ost->nstreams || !ost->streams[i].private) {
>                  free_stream(s, i);
>              }
> --
> 2.16.2
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
Matthew Wolenetz March 7, 2018, 6:19 p.m. UTC | #2 
Friendly ping. I'd like to not have to land this in Chromium before upstream
 ffmpeg, but I may need to soon.

On Tue, Mar 6, 2018 at 1:56 PM, Michael Niedermayer <michael@niedermayer.cc>
wrote:

> Fixes: Chromium bug 800123
> Reported-by: Matt Wolenetz <wolenetz@google.com>
> Reviewed-by: Matt Wolenetz <wolenetz@google.com>
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavformat/oggdec.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
> index 38f60653f9..27d16a3e4e 100644
> --- a/libavformat/oggdec.c
> +++ b/libavformat/oggdec.c
> @@ -128,7 +128,10 @@ static int ogg_restore(AVFormatContext *s)
>      ogg->state = ost->next;
>
>          for (i = 0; i < ogg->nstreams; i++) {
> -            av_freep(&ogg->streams[i].buf);
> +            struct ogg_stream *stream = &ogg->streams[i];
> +            av_freep(&stream->buf);
> +            av_freep(&stream->new_metadata);
> +
>              if (i >= ost->nstreams || !ost->streams[i].private) {
>                  free_stream(s, i);
>              }
> --
> 2.16.2
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
Paul B Mahol March 7, 2018, 6:21 p.m. UTC | #3 
On 3/7/18, Matthew Wolenetz <wolenetz@chromium.org> wrote:
> Friendly ping. I'd like to not have to land this in Chromium before upstream
>  ffmpeg, but I may need to soon.
>
> On Tue, Mar 6, 2018 at 1:56 PM, Michael Niedermayer <michael@niedermayer.cc>
> wrote:
>
>> Fixes: Chromium bug 800123
>> Reported-by: Matt Wolenetz <wolenetz@google.com>
>> Reviewed-by: Matt Wolenetz <wolenetz@google.com>
>> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
>> ---
>>  libavformat/oggdec.c | 5 ++++-
>>  1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
>> index 38f60653f9..27d16a3e4e 100644
>> --- a/libavformat/oggdec.c
>> +++ b/libavformat/oggdec.c
>> @@ -128,7 +128,10 @@ static int ogg_restore(AVFormatContext *s)
>>      ogg->state = ost->next;
>>
>>          for (i = 0; i < ogg->nstreams; i++) {
>> -            av_freep(&ogg->streams[i].buf);
>> +            struct ogg_stream *stream = &ogg->streams[i];
>> +            av_freep(&stream->buf);
>> +            av_freep(&stream->new_metadata);
>> +
>>              if (i >= ost->nstreams || !ost->streams[i].private) {
>>                  free_stream(s, i);
>>              }
>> --
>> 2.16.2
>>
>> _______________________________________________
>> ffmpeg-devel mailing list
>> ffmpeg-devel@ffmpeg.org
>> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>

Its already reviewed and should be applied.
Michael Niedermayer March 7, 2018, 6:48 p.m. UTC | #4 
On Wed, Mar 07, 2018 at 10:09:58AM -0800, Matt Wolenetz wrote:
> Friendly ping. I'd like to not have to land this in Chromium before
> upstream ffmpeg, but I may need to soon.

will apply

thx

[...]
diff mbox

Patch

diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
index 38f60653f9..27d16a3e4e 100644
--- a/libavformat/oggdec.c
+++ b/libavformat/oggdec.c
@@ -128,7 +128,10 @@  static int ogg_restore(AVFormatContext *s)
     ogg->state = ost->next;
 
         for (i = 0; i < ogg->nstreams; i++) {
-            av_freep(&ogg->streams[i].buf);
+            struct ogg_stream *stream = &ogg->streams[i];
+            av_freep(&stream->buf);
+            av_freep(&stream->new_metadata);
+
             if (i >= ost->nstreams || !ost->streams[i].private) {
                 free_stream(s, i);
             }