[vlc-devel] [PATCH] Fixed memory leak when using the mosaic module (ticket #2326).
Phil Roffe
philip.roffe at durham.ac.uk
Fri Apr 10 19:41:06 CEST 2009
From: Phil Roffe and David Grellscheid <philip.roffe at durham.ac.uk>
Fixed by decrementing the i_refcount variable in the correct manner -
and therefore freeing the memory only when the i_refcount successfully
went to 0.
The problem was that i_refcount is an unsigned variable, and was being
decremented twice, once erroneously by mosaic_bridge, and then again in
the picture's original pf_release function. If i_refcount started at 1,
it wrapped to the maximum unsigned value rather than -1, failing the
refcount tests in the pf_release function.
Patch Authors: Phil Roffe and David Grellscheid
---
modules/stream_out/mosaic_bridge.c | 11 ++++++-----
1 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/modules/stream_out/mosaic_bridge.c
b/modules/stream_out/mosaic_bridge.c
index e7a8d85..4a8e638 100644
--- a/modules/stream_out/mosaic_bridge.c
+++ b/modules/stream_out/mosaic_bridge.c
@@ -80,8 +80,6 @@ static void ReleasePicture( picture_t *p_pic )
{
assert( p_pic );
- if( --p_pic->i_refcount > 0 )
- return;
if( p_pic->p_sys )
{
@@ -91,9 +89,12 @@ static void ReleasePicture( picture_t *p_pic )
}
else
{
- free( p_pic->p_q );
- free( p_pic->p_data_orig );
- free( p_pic );
+ if( --p_pic->i_refcount == 0 )
+ {
+ free( p_pic->p_q );
+ free( p_pic->p_data_orig );
+ free( p_pic );
+ }
}
}
More information about the vlc-devel
mailing list