[vlc-commits] picture: fix empty allocation leak
Rémi Denis-Courmont
git at videolan.org
Mon Feb 26 23:25:48 CET 2018
vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Mon Feb 26 23:32:45 2018 +0200| [054bcfe4a97449d57d4f701ef642fdd01b3bcca9] | committer: Rémi Denis-Courmont
picture: fix empty allocation leak
If the picture has zero planes, pic->p->p_pixels is set to NULL rather
than the allocated (zero bytes) buffer, leading to a potential leak
depending on aligned_alloc() implementation.
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=054bcfe4a97449d57d4f701ef642fdd01b3bcca9
---
src/misc/picture.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/misc/picture.c b/src/misc/picture.c
index 8af4b250f9..69e7c92ad6 100644
--- a/src/misc/picture.c
+++ b/src/misc/picture.c
@@ -250,7 +250,11 @@ picture_t *picture_NewFromFormat(const video_format_t *restrict fmt)
if (unlikely(priv == NULL))
return NULL;
+ priv->gc.destroy = picture_Destroy;
+
picture_t *pic = &priv->picture;
+ if (pic->i_planes == 0)
+ return NULL;
/* Calculate how big the new image should be */
size_t plane_sizes[PICTURE_PLANE_MAX];
@@ -269,7 +273,7 @@ picture_t *picture_NewFromFormat(const video_format_t *restrict fmt)
goto error;
uint8_t *buf = aligned_alloc(16, pic_size);
- if (unlikely(pic_size > 0 && buf == NULL))
+ if (unlikely(buf == NULL))
goto error;
/* Fill the p_pixels field for each plane */
@@ -279,7 +283,6 @@ picture_t *picture_NewFromFormat(const video_format_t *restrict fmt)
buf += plane_sizes[i];
}
- priv->gc.destroy = picture_Destroy;
return pic;
error:
free(pic);
More information about the vlc-commits
mailing list