[FFmpeg-devel] [PATCH] Avoid running malloc/free for 0-sized allocs and return a pointer to const memory so we will still detect invalid writes to malloc(0) areas. This also fixes av_realloc to treat size == 0 specially.
Michael Niedermayer
michaelni at gmx.at
Sat May 7 13:35:54 CEST 2011
On Sat, May 07, 2011 at 09:56:31AM +0200, Reimar Döffinger wrote:
> ---
> libavutil/mem.c | 10 +++++++++-
> 1 files changed, 9 insertions(+), 1 deletions(-)
>
> diff --git a/libavutil/mem.c b/libavutil/mem.c
> index f0f18d1..134fcba 100644
> --- a/libavutil/mem.c
> +++ b/libavutil/mem.c
> @@ -57,6 +57,8 @@ void free(void *ptr);
>
> #endif /* MALLOC_PREFIX */
>
> +static const int dummy_alloc;
> +
> /* You can redefine av_malloc and av_free in your project to use your
> memory allocator. You do not need to suppress this file because the
> linker will do it automatically. */
> @@ -72,7 +74,7 @@ void *av_malloc(size_t size)
> if(size > (INT_MAX-32) )
> return NULL;
> else if(!size)
> - size= 1;
> + return (void *)&dummy_alloc;
This violates ISO C malloc() semantics, as well as attribute(malloc)
semantics and its also not correctly aligned.
We might ignore ISO C as this isnt malloc(), the rest looks like a
possinble issue though
ignoring the attribute semantics means we have to remove
attribute(malloc) or risk undefined behavior on av_malloc(0)
the align should be easy to fix
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Its not that you shouldnt use gotos but rather that you should write
readable code and code with gotos often but not always is less readable
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20110507/0b8239f0/attachment.asc>
More information about the ffmpeg-devel
mailing list