On 23.02.2015 12:46, Luca Barbato wrote:
On 23/02/15 12:23, Andreas Cadhalpun wrote:
On 23.02.2015 01:56, Michael Niedermayer wrote:
--- a/libavcodec/a64multienc.c
+++ b/libavcodec/a64multienc.c
@@ -317,7 +317,9 @@ static int a64multi_encode_frame(AVCodecContext
*avctx, AVPacket *pkt,
      } else {
          /* fill up mc_meta_charset with data until lifetime
exceeds */
          if (c->mc_frame_counter < c->mc_lifetime) {
-            *p = *pict;
+            ret = av_frame_ref(p, pict);
+            if (ret < 0)
+                return ret;
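
Review bot: at the added "ret = av_frame_ref(p, pict);" line, p is overwritten without being released first. This branch runs once per frame while c->mc_frame_counter < c->mc_lifetime, so from the second frame on p still holds the reference taken for the previous frame; that reference is lost and its buffer is never freed. Call av_frame_unref(p) immediately before av_frame_ref(p, pict).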

I suspect this leaves a memleak, I'll push it anyway as it allows
regression testing the more complex subsequent fix

Yes, this trades the crash for a memleak. :-/
Your simplification [1] fixes that.


coded_frame should be always allocated if I remember correctly and a
cursory git grep tells me that.

Why should coded_frame be allocated? Is this documented somewhere?

It seems many audio encoders don't do that, as well as e.g. libopenh264enc and libwebpenc.

Anyway, the memleak can also be fixed by adding av_frame_unref(p) before the av_frame_ref.

Best regards,
Andreas
From fb6edc1d75764413331a65bdba9cded0082acea1 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
Date: Mon, 23 Feb 2015 15:43:01 +0100
Subject: [PATCH] avcodec/a64multienc: use av_frame_ref instead of copying the
 frame

This fixes freeing the frame buffer twice on cleanup leading to a crash.
---
 libavcodec/a64multienc.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libavcodec/a64multienc.c b/libavcodec/a64multienc.c
index d742dee..7ed9bd8 100644
--- a/libavcodec/a64multienc.c
+++ b/libavcodec/a64multienc.c
@@ -296,7 +296,10 @@ static int a64multi_encode_frame(AVCodecContext *avctx, AVPacket *pkt,
     } else {
         /* fill up mc_meta_charset with data until lifetime exceeds */
         if (c->mc_frame_counter < c->mc_lifetime) {
-            *p = *pict;
+            av_frame_unref(p);
+            ret = av_frame_ref(p, pict);
+            if (ret < 0)
+                return ret;
             p->pict_type = AV_PICTURE_TYPE_I;
             p->key_frame = 1;
             to_meta_with_crop(avctx, p, meta + 32000 * c->mc_frame_counter);
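
Review bot: the av_frame_unref(p) added ahead of av_frame_ref(p, pict) is not explained anywhere, and the commit message covers only the double free. Add a sentence to the message (or a short comment at the call) saying that p can still hold the reference taken for the previous frame in this fill-up branch and is released first so that reference is not leaked. Also confirm that the "return ret" path is safe: by then p has already been unreferenced, so the cleanup code must cope with an empty p.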
-- 
2.1.4

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
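
The three variants discussed in this thread (struct copy, av_frame_ref alone, av_frame_unref followed by av_frame_ref), as an added example that is not part of the original mails or of FFmpeg. It is a toy reference-counting model in C: Buf, Frame, frame_ref, frame_unref and input_frame are hypothetical stand-ins, not libavutil's types or functions, and a release is counted rather than performed so the double release can be observed safely.

```c
#include <stdio.h>
/* Toy model, NOT libavutil: Buf/Frame/frame_ref/frame_unref are hypothetical. */
typedef struct { int refs; int frees; } Buf;  /* frees = times it was released */
typedef struct { Buf *buf; } Frame;
static void frame_unref(Frame *f) {           /* drop this frame's reference */
    if (f->buf && --f->buf->refs <= 0)
        f->buf->frees++;                      /* counted here; real code frees */
    f->buf = NULL;
}

static void frame_ref(Frame *dst, const Frame *src) {
    dst->buf = src->buf;                      /* overwrites whatever dst held */
    if (dst->buf)
        dst->buf->refs++;
}

static Frame input_frame(Buf *b) {            /* caller's frame owns one reference */
    Frame f = { b };
    b->refs = 1; b->frees = 0;
    return f;
}

/* "*p = *pict": two owners but only one counted reference. */
int frees_after_struct_copy(void) {
    Buf b;
    Frame pict = input_frame(&b), p = pict;   /* plain struct copy */
    frame_unref(&pict);                       /* caller releases its frame */
    frame_unref(&p);                          /* encoder cleanup releases the copy */
    return b.frees;                           /* 2: released twice */
}

/* Two frames pass through p; returns how often the FIRST buffer was released. */
int first_buf_frees(int unref_first) {
    Buf b1, b2;
    Frame pict1 = input_frame(&b1), pict2 = input_frame(&b2), p = { NULL };
    frame_ref(&p, &pict1);
    frame_unref(&pict1);
    if (unref_first) frame_unref(&p);         /* drop p's reference to b1 first */
    frame_ref(&p, &pict2);
    frame_unref(&pict2);
    frame_unref(&p);                          /* encoder cleanup */
    return b1.frees;                          /* 0 = leaked, 1 = released once */
}

int main(void) {
    printf("copy: %d  ref only: %d  unref+ref: %d\n",
           frees_after_struct_copy(), first_buf_frees(0), first_buf_frees(1));
    return 0;
}
```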
