[vlc-devel] [PATCH] decoder: fix NULL dereference when video format is updating

Thomas Guillem thomas at gllm.fr
Mon Apr 27 18:08:44 CEST 2015


p_owner->p_vout can be set to NULL by decoder_UpdateVideoFormat that can be
called from a different thread than the decoder one (see avcodec).

How to reproduce:
$ cat 1.h264 2.h264 > out.h264 # where 1.h264 and 2.h264 have different sizes
$ ./vlc out.h264 # SIGSEGV when video size changes
---
d331a8535763147143aa0e66991997308404bda5 introduced this crash:
Indeed, lavc_UpdateVideoFormat is called from p_context->get_format that is
called from an avcodec thread.

 src/input/decoder.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/input/decoder.c b/src/input/decoder.c
index 68931d4..611be99 100644
--- a/src/input/decoder.c
+++ b/src/input/decoder.c
@@ -867,6 +867,12 @@ static void DecoderPlayVideo( decoder_t *p_dec, picture_t *p_picture,
         picture_Release( p_picture );
         return;
     }
+    if( !p_vout )
+    {
+        msg_Warn( p_dec, "no vout available" );
+        picture_Release( p_picture );
+        return;
+    }
 
     /* */
     vlc_mutex_lock( &p_owner->lock );
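Review bot: The new if( !p_vout ) test runs before vlc_mutex_lock( &p_owner->lock ), so it checks a value obtained without that lock, while the commit message says p_owner->p_vout is set to NULL from another thread (the avcodec one). If p_vout here is a plain copy of p_owner->p_vout, the check narrows the window but does not close it: the vout can still change between the read and its later use. Consider reading p_owner->p_vout under p_owner->lock, or holding a reference on the vout for the duration of DecoderPlayVideo, and add a comment saying which thread may clear the pointer. Minor: msg_Warn fires for every dropped picture, which can flood the log during a format change; msg_Dbg or a one-shot warning may be a better fit.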
-- 
2.1.4



