[FFmpeg-devel] [PATCH] Fix double free causing segmentation faults when accessing unavailable v4l devices

Stefano Sabatini stefano.sabatini-lala
Tue Jul 15 21:39:01 CEST 2008


Hi all, as in subject,
you may experience the crashes for example with:
ffmpeg -f video4linux2 -s 640x480 -r 25 -i /dev/video0

if there is no video4linux device connected to the machine (no
/dev/video0 file).

This happens because the v4l2?_read_header() functions call av_free() on
the new stream, then av_open_input_stream() call av_free() again in case
of failure on the already alloced stream:

 fail:
    if (ic) {
        int i;
        av_freep(&ic->priv_data);
        for(i=0;i<ic->nb_streams;i++) {
            AVStream *st = ic->streams[i];
            if (st) {
                av_free(st->priv_data);
                av_free(st->codec->extradata);
            }
            av_free(st);
        }
    }
    av_free(ic);
    *ic_ptr = NULL;
    return err;

Another possible solution could be to use avfreep(&st) in 
v4l?.c, but I think this solution is more correct.

Regards.
-- 
FFmpeg = Freak & Free Maxi Programmable Esoteric Game
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-v4l-crash.patch
Type: text/x-diff
Size: 296 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20080715/8ecf318e/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-v4l2-crash.patch
Type: text/x-diff
Size: 756 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20080715/8ecf318e/attachment-0001.patch>



More information about the ffmpeg-devel mailing list