[FFmpeg-devel] [PATCH 1/3] avformat/avio: add resizeable field to AVIOContext

Michael Niedermayer michaelni at gmx.at
Mon Apr 27 04:50:27 CEST 2015


On Tue, Apr 21, 2015 at 02:23:19PM +0200, wm4 wrote:
> On Tue, 21 Apr 2015 13:22:00 +0200
> Michael Niedermayer <michaelni at gmx.at> wrote:
> 
> > This indicates that its safe to use av_free/av_malloc on the IO context
> > 
> > Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> > ---
> >  libavformat/avio.h    |    7 +++++++
> >  libavformat/aviobuf.c |    1 +
> >  libavformat/segment.c |    1 +
> >  libavformat/wtvdec.c  |    3 ++-
> >  4 files changed, 11 insertions(+), 1 deletion(-)
> > 
> > diff --git a/libavformat/avio.h b/libavformat/avio.h
> > index 51913e3..73d1645 100644
> > --- a/libavformat/avio.h
> > +++ b/libavformat/avio.h
> > @@ -196,6 +196,13 @@ typedef struct AVIOContext {
> >       * This field is internal to libavformat and access from outside is not allowed.
> >       */
> >      int orig_buffer_size;
> > +
> > +    /**
> > +     * The io buffer can be resized or freed with av_free / av_malloc.
> > +     * The user application does not keep a private copy of the buffer pointer
> > +     * which would become stale on such reallocation.
> > +     */
> > +    int resizeable;
> >  } AVIOContext;
> >  
> >  /* unbuffered I/O */
> > diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c
> > index 7de59f1..b32ff9f 100644
> > --- a/libavformat/aviobuf.c
> > +++ b/libavformat/aviobuf.c
> > @@ -793,6 +793,7 @@ int ffio_fdopen(AVIOContext **s, URLContext *h)
> >          (*s)->read_seek  = (int64_t (*)(void *, int, int64_t, int))h->prot->url_read_seek;
> >      }
> >      (*s)->av_class = &ff_avio_class;
> > +    (*s)->resizeable = 1;
> >      return 0;
> >  }
> >  
> > diff --git a/libavformat/segment.c b/libavformat/segment.c
> > index 1162ea2..6504b46 100644
> > --- a/libavformat/segment.c
> > +++ b/libavformat/segment.c
> > @@ -511,6 +511,7 @@ static int open_null_ctx(AVIOContext **ctx)
> >          av_free(buf);
> >          return AVERROR(ENOMEM);
> >      }
> > +    (*ctx)->resizeable = 1;
> >      return 0;
> >  }
> >  
> > diff --git a/libavformat/wtvdec.c b/libavformat/wtvdec.c
> > index e226690..7b5477b 100644
> > --- a/libavformat/wtvdec.c
> > +++ b/libavformat/wtvdec.c
> > @@ -243,7 +243,8 @@ static AVIOContext * wtvfile_open_sector(int first_sector, uint64_t length, int
> >          av_freep(&buffer);
> >          av_freep(&wf->sectors);
> >          av_freep(&wf);
> > -    }
> > +    } else
> > +        pb->resizeable = 1;
> >      return pb;
> >  }
> >  
> 
> Looking at it again, ffio_ensure_seekback and ffio_set_buf_size are
> functions which resize the buffer (but by allocating a new buffer to
> avoid av_realloc incompatibility, as Nicolas pointed out).
> 

> So what's the point of this patch?

it intends to prevent memory bugs, like double frees, freeing
randon addresses on the stack and things like that

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Dictatorship naturally arises out of democracy, and the most aggravated
form of tyranny and slavery out of the most extreme liberty. -- Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20150427/1c828eb8/attachment.asc>


More information about the ffmpeg-devel mailing list