[FFmpeg-devel] n4.4 release bug (?) on ffmpeg.c av_fifo_generic_read

Andreas Rheinhardt andreas.rheinhardt at outlook.com
Sun Apr 18 04:46:53 EEST 2021


Đông Nguyễn:
> Hi,
> 
> Not sure this is the correct place to post this, but I've noticed some
> recent changes (n4.4) on ffmpeg.c which seem suspicious to me.
> 
> https://github.com/FFmpeg/FFmpeg/blob/n4.4/fftools/ffmpeg.c#L532-L535
> https://github.com/FFmpeg/FFmpeg/blob/n4.4/fftools/ffmpeg.c#L614-L616
> 
> IIRC, before these changes, av_fifo_generic_read operated on whole structs
> of AVFrame and AVPacket, not sole pointers (which have only 8 bytes on a
> 64-bit machine).
> 
> After that, calling "free" on those pointers potentially causes malloc heap
> crashes.
> 
> Please correct me if I'm wrong. Thanks
> 
Before 82bd02a2c73bb5e6b7cf5e5eba486e279f1a7358 the packet fifo (i.e.
muxing queue) contained whole AVPacket structs; now it doesn't anymore,
it only contains pointers to (individually allocated) AVPackets which
are freed via av_packet_free(). In other words, the AVPacket fifo now
behaves as the AVFrame fifo (i.e. frame_queue) did for a long time. I
don't see how this could cause heap corruption/crashes.

- Andreas
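The two storage disciplines Andreas contrasts (a FIFO of whole packet structs versus a FIFO of pointers to individually allocated packets) are modelled below as an added, self-contained example; it is not FFmpeg code and none of its names (bytefifo, pkt, pkt_alloc, pkt_free, drain_*) are FFmpeg identifiers. The byte FIFO imitates the element-agnostic copying of av_fifo_generic_write/av_fifo_generic_read, and additionally records the element size at first write so that a read of a different size, which is precisely the pointer-over-struct mismatch the original poster worried about, is rejected instead of producing a bogus free().

```c
/* Added example, not FFmpeg code. Minimal byte FIFO in the spirit of
 * av_fifo_generic_write/read, plus an element-size guard. All names here
 * are the example's own. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

typedef struct bytefifo {
    uint8_t *buf;
    size_t cap, head, len;
    size_t elem_size;   /* fixed at first write; every read must match it */
} bytefifo;

static int bytefifo_init(bytefifo *f, size_t cap) {
    f->buf = malloc(cap);
    f->cap = cap; f->head = 0; f->len = 0; f->elem_size = 0;
    return f->buf ? 0 : -1;
}
static void bytefifo_free(bytefifo *f) { free(f->buf); f->buf = NULL; }

/* Copies 'size' raw bytes in; the fifo itself knows nothing about the type. */
static int bytefifo_write(bytefifo *f, const void *src, size_t size) {
    if (f->elem_size == 0) f->elem_size = size;
    if (size != f->elem_size || f->len + size > f->cap) return -1;
    for (size_t i = 0; i < size; i++)
        f->buf[(f->head + f->len + i) % f->cap] = ((const uint8_t *)src)[i];
    f->len += size;
    return 0;
}

/* Refuses a read whose size differs from what was written: reading an
 * 8-byte pointer out of struct-sized elements is the mismatch that would
 * otherwise hand garbage to free(). */
static int bytefifo_read(bytefifo *f, void *dst, size_t size) {
    if (size != f->elem_size || size > f->len) return -1;
    for (size_t i = 0; i < size; i++)
        ((uint8_t *)dst)[i] = f->buf[(f->head + i) % f->cap];
    f->head = (f->head + size) % f->cap;
    f->len -= size;
    return 0;
}

/* Stand-in for AVPacket: a small header plus an owned data buffer. */
typedef struct pkt { int pts; size_t size; uint8_t *data; } pkt;

static pkt *pkt_alloc(int pts, size_t size) {
    pkt *p = calloc(1, sizeof(*p));
    if (!p) return NULL;
    p->data = malloc(size);
    if (!p->data) { free(p); return NULL; }
    memset(p->data, (uint8_t)pts, size);   /* constructed payload */
    p->pts = pts; p->size = size;
    return p;
}
/* Like av_packet_free(): releases buffer and shell, nulls the caller's pointer. */
static void pkt_free(pkt **pp) {
    if (!pp || !*pp) return;
    free((*pp)->data); free(*pp); *pp = NULL;
}

/* Pointer FIFO (the post-82bd02a2 muxing queue, and frame_queue before it):
 * each element is a pkt*; the consumer reads the pointer and owns the heap
 * object it refers to. Returns the sum of drained pts values, -1 on error. */
static int drain_pointer_fifo(int n) {
    bytefifo f; int sum = 0; pkt *out;
    if (bytefifo_init(&f, 16 * sizeof(pkt *))) return -1;
    for (int i = 1; i <= n; i++) {
        pkt *p = pkt_alloc(i, 64);
        if (!p || bytefifo_write(&f, &p, sizeof(p))) {
            pkt_free(&p); bytefifo_free(&f); return -1;
        }
    }
    while (bytefifo_read(&f, &out, sizeof(out)) == 0) {
        sum += out->pts;
        pkt_free(&out);                /* correct: the element was a pointer */
    }
    bytefifo_free(&f);
    return sum;
}

/* Struct FIFO (the pre-82bd02a2 muxing queue): each element is a whole pkt
 * copied by value. The consumer must never free() the struct itself, only
 * the buffer it carries; a pointer-sized read is rejected by the guard. */
static int drain_struct_fifo(int n, int *mismatch_rejected) {
    bytefifo f; int sum = 0; pkt tmp; pkt *wrong;
    if (bytefifo_init(&f, 16 * sizeof(pkt))) return -1;
    for (int i = 1; i <= n; i++) {
        pkt *p = pkt_alloc(i, 64);
        if (!p) { bytefifo_free(&f); return -1; }
        bytefifo_write(&f, p, sizeof(*p));   /* shallow copy into the fifo */
        free(p);                             /* shell only; data lives on in the element */
    }
    *mismatch_rejected = (bytefifo_read(&f, &wrong, sizeof(wrong)) == -1);
    while (bytefifo_read(&f, &tmp, sizeof(tmp)) == 0) {
        sum += tmp.pts;
        free(tmp.data);                      /* release only the owned buffer */
    }
    bytefifo_free(&f);
    return sum;
}
```

The point of the two drain routines is that ownership follows element type: with pointer elements the consumer frees the whole packet, with struct elements it frees only the embedded buffer, and a consumer that reads with the wrong element size never gets a value back to misuse.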

