[FFmpeg-devel] [PATCH] Avoid running malloc/free for 0-sized allocs and return a pointer to const memory so we will still detect invalid writes to malloc(0) areas. This also fixes av_realloc to treat size == 0 specially.

Reimar Döffinger Reimar.Doeffinger at gmx.de
Sat May 7 14:17:14 CEST 2011


On Sat, May 07, 2011 at 01:35:54PM +0200, Michael Niedermayer wrote:
> On Sat, May 07, 2011 at 09:56:31AM +0200, Reimar Döffinger wrote:
> > ---
> >  libavutil/mem.c |   10 +++++++++-
> >  1 files changed, 9 insertions(+), 1 deletions(-)
> > 
> > diff --git a/libavutil/mem.c b/libavutil/mem.c
> > index f0f18d1..134fcba 100644
> > --- a/libavutil/mem.c
> > +++ b/libavutil/mem.c
> > @@ -57,6 +57,8 @@ void  free(void *ptr);
> >  
> >  #endif /* MALLOC_PREFIX */
> >  
> > +static const int dummy_alloc;
> > +
> >  /* You can redefine av_malloc and av_free in your project to use your
> >     memory allocator. You do not need to suppress this file because the
> >     linker will do it automatically. */
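Review bot: `static const int dummy_alloc;` only guarantees `alignof(int)`, which is weaker than the alignment av_malloc otherwise returns (the reply below raises the same point); declare it with an explicit alignment (FFmpeg's DECLARE_ALIGNED macro, for instance) and add a comment saying it is a read-only sentinel handed out for zero-sized requests. The diffstat lists 9 insertions but only three are visible in this quote, so the av_free/av_realloc side that has to recognise `&dummy_alloc` before calling free() or realloc() cannot be checked here; both must compare against the sentinel or free() will receive a pointer it never allocated.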
> > @@ -72,7 +74,7 @@ void *av_malloc(size_t size)
> >      if(size > (INT_MAX-32) )
> >          return NULL;
> >      else if(!size)
> > -        size= 1;
> > +        return (void *)&dummy_alloc;
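Review bot: `return (void *)&dummy_alloc;` casts away const, so a caller that writes through an av_malloc(0) result now faults on read-only data instead of silently corrupting the heap, which is the stated intent; but every av_malloc(0) call returns the same address, so two live zero-sized allocations alias, which is exactly what attribute(malloc) promises cannot happen (see the reply below). Either drop attribute(malloc) from av_malloc's declaration or document in mem.h that av_malloc(0) returns a shared non-NULL sentinel that must never be written to and may only be passed to av_free.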
> 
> This violates ISO C malloc() semantics, as well as attribute(malloc)
> semantics, and it's also not correctly aligned.
> We might ignore ISO C as this isn't malloc(), the rest looks like a
> possible issue though.
> Ignoring the attribute semantics means we have to remove
> attribute(malloc) or risk undefined behavior on av_malloc(0);
> the align should be easy to fix.

I have some doubts any of these really matter - the align
certainly doesn't, since using the returned pointer in any way
would be a programming error.
But we can just leave it; in that case, could you please
fix av_realloc to behave consistently?