Opened 11 years ago
Closed 12 months ago
#4908 closed defect (fixed)
Memory leak in ff_img_read_header() with custom io
| Reported by: | personalmountains | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | avformat |
| Version: | unspecified | Keywords: | leak |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
This patch changed probe_buffer from an array to a pointer allocated with av_realloc(). It was correctly freed at the end of the block. However, that one buried the av_free() call into ffio_rewind_with_probe_data().
Unsurprisingly, a subsequent patch made it so this call is skipped in the case of custom io, so the buffer is never freed. A simple av_free() after the call to avio_seek() on img2dec.c:346 might do the job.
int probe_buffer_size = 2048;
uint8_t *probe_buffer = av_realloc(NULL, probe_buffer_size + AVPROBE_PADDING_SIZE);
// ...
if (s1->flags & AVFMT_FLAG_CUSTOM_IO) {
// this leaks probe_buffer because av_free() isn't called
avio_seek(s1->pb, 0, SEEK_SET);
} else
ffio_rewind_with_probe_data(s1->pb, &probe_buffer, probe_buffer_size);
Change History (2)
comment:1 by , 11 years ago
| Keywords: | memory removed |
|---|
comment:2 by , 12 months ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Fixed in bd3672ba75c7e4a4b0cb2b46b8b6c983d73a0107.
Note:
See TracTickets
for help on using tickets.
Please either send your patch fixing the leak to the development mailing list or provide code that allows to reproduce the issue, patches are ignored on this bug tracker.