Re: [FFmpeg-devel] Fix leaked dictionary in mp3dec
In Chromium code, we set s->metadata ahead of time, with a custom entry to avoid id3v1 tag parsing. Some recent changes in mp3dec.c meant that we had to update this code, and in the process, we discovered this reference leak on our end. I am submitting this patch as a general code hardening patch. I also understand if our use case is unusual and that one may assume that s->metadata is always NULL. On Thu, Apr 6, 2017 at 11:32 PM, wm4wrote: > On Thu, 6 Apr 2017 14:07:53 -0700 > Thomas Guilbert wrote: > > > The patch didn't show up as properly formatted on > > https://patchwork.ffmpeg.org/patch/3228/. > > > > Re-submitting using no line wrap in the base64 attachment, and copying > the > > contents of the patch for ease of review: > > > > From fced5ab0e09f529397adddcb560d1a08f2df4840 Mon Sep 17 00:00:00 2001 > > From: Thomas Guilbert > > Date: Thu, 30 Mar 2017 18:23:29 -0700 > > Subject: [PATCH] Fix dictionnary leak in mp3dec > > > > --- > > libavformat/mp3dec.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/libavformat/mp3dec.c b/libavformat/mp3dec.c > > index 0924a57843..fd8184cc0b 100644 > > --- a/libavformat/mp3dec.c > > +++ b/libavformat/mp3dec.c > > @@ -349,6 +349,7 @@ static int mp3_read_header(AVFormatContext *s) > > int ret; > > int i; > > > > +av_dict_free(>metadata); > > s->metadata = s->internal->id3v2_meta; > > s->internal->id3v2_meta = NULL; > > > > So in which situations is s->metadata not NULL? > ___ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > http://ffmpeg.org/mailman/listinfo/ffmpeg-devel > ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Re: [FFmpeg-devel] Fix leaked dictionary in mp3dec
On Thu, 6 Apr 2017 14:07:53 -0700 Thomas Guilbertwrote: > The patch didn't show up as properly formatted on > https://patchwork.ffmpeg.org/patch/3228/. > > Re-submitting using no line wrap in the base64 attachment, and copying the > contents of the patch for ease of review: > > From fced5ab0e09f529397adddcb560d1a08f2df4840 Mon Sep 17 00:00:00 2001 > From: Thomas Guilbert > Date: Thu, 30 Mar 2017 18:23:29 -0700 > Subject: [PATCH] Fix dictionnary leak in mp3dec > > --- > libavformat/mp3dec.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/libavformat/mp3dec.c b/libavformat/mp3dec.c > index 0924a57843..fd8184cc0b 100644 > --- a/libavformat/mp3dec.c > +++ b/libavformat/mp3dec.c > @@ -349,6 +349,7 @@ static int mp3_read_header(AVFormatContext *s) > int ret; > int i; > > +av_dict_free(>metadata); > s->metadata = s->internal->id3v2_meta; > s->internal->id3v2_meta = NULL; > So in which situations is s->metadata not NULL? ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Re: [FFmpeg-devel] Fix leaked dictionary in mp3dec
The patch didn't show up as properly formatted on https://patchwork.ffmpeg.org/patch/3228/. Re-submitting using no line wrap in the base64 attachment, and copying the contents of the patch for ease of review: >From fced5ab0e09f529397adddcb560d1a08f2df4840 Mon Sep 17 00:00:00 2001 From: Thomas GuilbertDate: Thu, 30 Mar 2017 18:23:29 -0700 Subject: [PATCH] Fix dictionnary leak in mp3dec --- libavformat/mp3dec.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libavformat/mp3dec.c b/libavformat/mp3dec.c index 0924a57843..fd8184cc0b 100644 --- a/libavformat/mp3dec.c +++ b/libavformat/mp3dec.c @@ -349,6 +349,7 @@ static int mp3_read_header(AVFormatContext *s) int ret; int i; +av_dict_free(>metadata); s->metadata = s->internal->id3v2_meta; s->internal->id3v2_meta = NULL; -- 2.12.2.564.g063fe858b8-goog On Fri, Mar 31, 2017 at 12:39 PM, Thomas Guilbert wrote: > Commit '65862f57ad2f7f49d715f334a9d892e0b20d42f1' overwrites s->metada > with s->internal->id3v2_meta, which leaks an AVDictionary* if > s->metada was not null. > > Please excuse any formatting problems in this email, this is my first > time uploading a patch :) > > Thank you, > Thomas > RnJvbSBmY2VkNWFiMGUwOWY1MjkzOTdhZGRkY2I1NjBkMWEwOGYyZGY0ODQwIE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBUaG9tYXMgR3VpbGJlcnQgPHRndWlsYmVydEBjaHJvbWl1bS5vcmc+CkRhdGU6IFRodSwgMzAgTWFyIDIwMTcgMTg6MjM6MjkgLTA3MDAKU3ViamVjdDogW1BBVENIXSBGaXggZGljdGlvbm5hcnkgbGVhayBpbiBtcDNkZWMKCi0tLQogbGliYXZmb3JtYXQvbXAzZGVjLmMgfCAxICsKIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlvbigrKQoKZGlmZiAtLWdpdCBhL2xpYmF2Zm9ybWF0L21wM2RlYy5jIGIvbGliYXZmb3JtYXQvbXAzZGVjLmMKaW5kZXggMDkyNGE1Nzg0My4uZmQ4MTg0Y2MwYiAxMDA2NDQKLS0tIGEvbGliYXZmb3JtYXQvbXAzZGVjLmMKKysrIGIvbGliYXZmb3JtYXQvbXAzZGVjLmMKQEAgLTM0OSw2ICszNDksNyBAQCBzdGF0aWMgaW50IG1wM19yZWFkX2hlYWRlcihBVkZvcm1hdENvbnRleHQgKnMpCiAgICAgaW50IHJldDsKICAgICBpbnQgaTsKIAorICAgIGF2X2RpY3RfZnJlZSgmcy0+bWV0YWRhdGEpOwogICAgIHMtPm1ldGFkYXRhID0gcy0+aW50ZXJuYWwtPmlkM3YyX21ldGE7CiAgICAgcy0+aW50ZXJuYWwtPmlkM3YyX21ldGEgPSBOVUxMOwogCi0tIAoyLjEyLjIuNTY0LmcwNjNmZTg1OGI4LWdvb2cKCg== ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel