[FFmpeg-devel] [PATCH] avcodec/wrapped_avframe: stop using sizeof(AVFrame)

Sun Mar 14 04:27:14 EET 2021

Signed-off-by: James Almer <jamrial at gmail.com>
---
Setting pkt->size to 0 but leaving pkt->data pointing to the frame ensures that
the packet isn't mistaken for an empty one, and prevents wrong use of the data
pointer in case av_packet_make_writable() is called on it (The resulting packet
will be the same as if you call it on an empty one).

I decided to set the opaque field of the AVBufferRef to the frame pointer so
we can do something like ensure pkt->size is 0 and pkt->data is equal to it
before trying to treat pkt->data as an AVFrame, but i'm not sure if that could
be done now, or only after a major bump (e.g. 4.3 lavf/lavd and 4.4 lavc at
runtime, where demuxers like the vapoursynth one propagate packets to the
wrapped_avframe decoder, and if the latter does the above check, it would
fail).

 libavcodec/wrapped_avframe.c | 23 ++++-------------------
 1 file changed, 4 insertions(+), 19 deletions(-)

diff --git a/libavcodec/wrapped_avframe.c b/libavcodec/wrapped_avframe.c
index 85ff32d13a..c921990024 100644
--- a/libavcodec/wrapped_avframe.c
+++ b/libavcodec/wrapped_avframe.c
@@ -44,32 +44,20 @@ static int wrapped_avframe_encode(AVCodecContext *avctx, AVPacket *pkt,
                      const AVFrame *frame, int *got_packet)
 {
     AVFrame *wrapped = av_frame_clone(frame);
-    uint8_t *data;
-    int size = sizeof(*wrapped) + AV_INPUT_BUFFER_PADDING_SIZE;
 
     if (!wrapped)
         return AVERROR(ENOMEM);
 
-    data = av_mallocz(size);
-    if (!data) {
-        av_frame_free(&wrapped);
-        return AVERROR(ENOMEM);
-    }
-
-    pkt->buf = av_buffer_create(data, size,
-                                wrapped_avframe_release_buffer, NULL,
+    pkt->buf = av_buffer_create((uint8_t *)wrapped, 0,
+                                wrapped_avframe_release_buffer, wrapped,
                                 AV_BUFFER_FLAG_READONLY);
     if (!pkt->buf) {
         av_frame_free(&wrapped);
-        av_freep(&data);
         return AVERROR(ENOMEM);
     }
 
-    av_frame_move_ref((AVFrame*)data, wrapped);
-    av_frame_free(&wrapped);
-
-    pkt->data = data;
-    pkt->size = sizeof(*wrapped);
+    pkt->data = (uint8_t *)wrapped;
+    pkt->size = 0;
 
     pkt->flags |= AV_PKT_FLAG_KEY;
     *got_packet = 1;
@@ -87,9 +75,6 @@ static int wrapped_avframe_decode(AVCodecContext *avctx, void *data,
         return AVERROR(EPERM);
     }
 
-    if (pkt->size < sizeof(AVFrame))
-        return AVERROR(EINVAL);
-
     in  = (AVFrame*)pkt->data;
     out = data;
 
-- 
2.30.2

