[FFmpeg-devel] [PATCH 1/3] avformat/avio: add resizeable field to AVIOContext

wm4 nfxjfg at googlemail.com
Mon Apr 27 10:21:02 CEST 2015


On Mon, 27 Apr 2015 04:50:27 +0200
Michael Niedermayer <michaelni at gmx.at> wrote:

> On Tue, Apr 21, 2015 at 02:23:19PM +0200, wm4 wrote:
> > On Tue, 21 Apr 2015 13:22:00 +0200
> > Michael Niedermayer <michaelni at gmx.at> wrote:
> > 
> > > This indicates that its safe to use av_free/av_malloc on the IO context
> > > 
> > > Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> > > ---
> > >  libavformat/avio.h    |    7 +++++++
> > >  libavformat/aviobuf.c |    1 +
> > >  libavformat/segment.c |    1 +
> > >  libavformat/wtvdec.c  |    3 ++-
> > >  4 files changed, 11 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/libavformat/avio.h b/libavformat/avio.h
> > > index 51913e3..73d1645 100644
> > > --- a/libavformat/avio.h
> > > +++ b/libavformat/avio.h
> > > @@ -196,6 +196,13 @@ typedef struct AVIOContext {
> > >       * This field is internal to libavformat and access from outside is not allowed.
> > >       */
> > >      int orig_buffer_size;
> > > +
> > > +    /**
> > > +     * The io buffer can be resized or freed with av_free / av_malloc.
> > > +     * The user application does not keep a private copy of the buffer pointer
> > > +     * which would become stale on such reallocation.
> > > +     */
> > > +    int resizeable;
> > >  } AVIOContext;
> > >  
> > >  /* unbuffered I/O */
> > > diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c
> > > index 7de59f1..b32ff9f 100644
> > > --- a/libavformat/aviobuf.c
> > > +++ b/libavformat/aviobuf.c
> > > @@ -793,6 +793,7 @@ int ffio_fdopen(AVIOContext **s, URLContext *h)
> > >          (*s)->read_seek  = (int64_t (*)(void *, int, int64_t, int))h->prot->url_read_seek;
> > >      }
> > >      (*s)->av_class = &ff_avio_class;
> > > +    (*s)->resizeable = 1;
> > >      return 0;
> > >  }
> > >  
> > > diff --git a/libavformat/segment.c b/libavformat/segment.c
> > > index 1162ea2..6504b46 100644
> > > --- a/libavformat/segment.c
> > > +++ b/libavformat/segment.c
> > > @@ -511,6 +511,7 @@ static int open_null_ctx(AVIOContext **ctx)
> > >          av_free(buf);
> > >          return AVERROR(ENOMEM);
> > >      }
> > > +    (*ctx)->resizeable = 1;
> > >      return 0;
> > >  }
> > >  
> > > diff --git a/libavformat/wtvdec.c b/libavformat/wtvdec.c
> > > index e226690..7b5477b 100644
> > > --- a/libavformat/wtvdec.c
> > > +++ b/libavformat/wtvdec.c
> > > @@ -243,7 +243,8 @@ static AVIOContext * wtvfile_open_sector(int first_sector, uint64_t length, int
> > >          av_freep(&buffer);
> > >          av_freep(&wf->sectors);
> > >          av_freep(&wf);
> > > -    }
> > > +    } else
> > > +        pb->resizeable = 1;
> > >      return pb;
> > >  }
> > >  
> > 
> > Looking at it again, ffio_ensure_seekback and ffio_set_buf_size are
> > functions which resize the buffer (but by allocating a new buffer to
> > avoid av_realloc incompatibility, as Nicolas pointed out).
> > 
> 
> > So what's the point of this patch?
> 
> it intends to prevent memory bugs, like double frees, freeing
> randon addresses on the stack and things like that
> 
> [...]

Downstream should be fixed (instead of adding such a hack to ffmpeg),
and custom IO should be made possible without forcing the user to do
the tricky buffer allocation. I think this would be ideal. Didn't check
yet why the user needs to allocate a buffer, or how it could be avoided.


More information about the ffmpeg-devel mailing list