On Tue, Apr 21, 2015 at 02:23:19PM +0200, wm4 wrote:
> On Tue, 21 Apr 2015 13:22:00 +0200
> Michael Niedermayer <michae...@gmx.at> wrote:
>
> > This indicates that its safe to use av_free/av_malloc on the IO context
> >
> > Signed-off-by: Michael Niedermayer <michae...@gmx.at>
> > ---
> > libavformat/avio.h | 7 +++++++
> > libavformat/aviobuf.c | 1 +
> > libavformat/segment.c | 1 +
> > libavformat/wtvdec.c | 3 ++-
> > 4 files changed, 11 insertions(+), 1 deletion(-)
> >
> > diff --git a/libavformat/avio.h b/libavformat/avio.h
> > index 51913e3..73d1645 100644
> > --- a/libavformat/avio.h
> > +++ b/libavformat/avio.h
> > @@ -196,6 +196,13 @@ typedef struct AVIOContext {
> > * This field is internal to libavformat and access from outside is
> > not allowed.
> > */
> > int orig_buffer_size;
> > +
> > + /**
> > + * The io buffer can be resized or freed with av_free / av_malloc.
> > + * The user application does not keep a private copy of the buffer
> > pointer
> > + * which would become stale on such reallocation.
> > + */
> > + int resizeable;
> > } AVIOContext;
> >
> > /* unbuffered I/O */
> > diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c
> > index 7de59f1..b32ff9f 100644
> > --- a/libavformat/aviobuf.c
> > +++ b/libavformat/aviobuf.c
> > @@ -793,6 +793,7 @@ int ffio_fdopen(AVIOContext **s, URLContext *h)
> > (*s)->read_seek = (int64_t (*)(void *, int, int64_t,
> > int))h->prot->url_read_seek;
> > }
> > (*s)->av_class = &ff_avio_class;
> > + (*s)->resizeable = 1;
> > return 0;
> > }
> >
> > diff --git a/libavformat/segment.c b/libavformat/segment.c
> > index 1162ea2..6504b46 100644
> > --- a/libavformat/segment.c
> > +++ b/libavformat/segment.c
> > @@ -511,6 +511,7 @@ static int open_null_ctx(AVIOContext **ctx)
> > av_free(buf);
> > return AVERROR(ENOMEM);
> > }
> > + (*ctx)->resizeable = 1;
> > return 0;
> > }
> >
> > diff --git a/libavformat/wtvdec.c b/libavformat/wtvdec.c
> > index e226690..7b5477b 100644
> > --- a/libavformat/wtvdec.c
> > +++ b/libavformat/wtvdec.c
> > @@ -243,7 +243,8 @@ static AVIOContext * wtvfile_open_sector(int
> > first_sector, uint64_t length, int
> > av_freep(&buffer);
> > av_freep(&wf->sectors);
> > av_freep(&wf);
> > - }
> > + } else
> > + pb->resizeable = 1;
> > return pb;
> > }
> >
>
> Looking at it again, ffio_ensure_seekback and ffio_set_buf_size are
> functions which resize the buffer (but by allocating a new buffer to
> avoid av_realloc incompatibility, as Nicolas pointed out).
> > So what's the point of this patch? it intends to prevent memory bugs, like double frees, freeing randon addresses on the stack and things like that [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Dictatorship naturally arises out of democracy, and the most aggravated form of tyranny and slavery out of the most extreme liberty. -- Plato
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
