On Thu, Nov 28, 2013 at 1:37 AM, Luca Barbato <[email protected]> wrote: > On 27/11/13 17:11, Vittorio Giovara wrote: >> From: Michael Niedermayer <[email protected]> >> >> Found-by: Laurent Butti <[email protected]> >> --- >> No sample to check the validity of the fix, although it seems correct. >> Vittorio > > > Use av_mallocz_array if you have to. > >> libavcodec/jpeg2000.c | 18 ++++++++++-------- >> 1 file changed, 10 insertions(+), 8 deletions(-) >> >> diff --git a/libavcodec/jpeg2000.c b/libavcodec/jpeg2000.c >> index bf46398..8149125 100644 >> --- a/libavcodec/jpeg2000.c >> +++ b/libavcodec/jpeg2000.c >> @@ -276,7 +276,7 @@ int ff_jpeg2000_init_component(Jpeg2000Component *comp, >> reslevel->log2_prec_height) - >> (reslevel->coord[1][0] >> reslevel->log2_prec_height); >> >> - reslevel->band = av_malloc_array(reslevel->nbands, >> sizeof(*reslevel->band)); >> + reslevel->band = av_mallocz(reslevel->nbands * >> sizeof(*reslevel->band)); >> if (!reslevel->band) >> return AVERROR(ENOMEM); >> >> @@ -372,9 +372,9 @@ int ff_jpeg2000_init_component(Jpeg2000Component *comp, >> for (j = 0; j < 2; j++) >> band->coord[1][j] = ff_jpeg2000_ceildiv(band->coord[1][j], >> dy); >> >> - band->prec = av_malloc_array(reslevel->num_precincts_x * >> - reslevel->num_precincts_y, >> - sizeof(*band->prec)); >> + band->prec = av_mallocz(reslevel->num_precincts_x * >> + reslevel->num_precincts_y * >> + sizeof(*band->prec)); >> if (!band->prec) >> return AVERROR(ENOMEM); >> > >> @@ -492,10 +492,12 @@ void ff_jpeg2000_cleanup(Jpeg2000Component *comp, >> Jpeg2000CodingStyle *codsty) >> for (bandno = 0; bandno < reslevel->nbands; bandno++) { >> Jpeg2000Band *band = reslevel->band + bandno; >> for (precno = 0; precno < reslevel->num_precincts_x * >> reslevel->num_precincts_y; precno++) { >> - Jpeg2000Prec *prec = band->prec + precno; >> - av_freep(&prec->zerobits); >> - av_freep(&prec->cblkincl); >> - av_freep(&prec->cblk); >> + if (band->prec) { >> + Jpeg2000Prec *prec = band->prec + precno; >> + av_freep(&prec->zerobits); >> + av_freep(&prec->cblkincl); >> + av_freep(&prec->cblk); >> + } >> } > > Looks like the code has a incomplete failpath and who found the problem > decided that the easiest is spending a little more time on alloc/free. > > Nicolas can you guess where the actual problem might be? > > lu
So what would be better, resend with mallocz_array or wait some more looking at the source of the bug? Cheers, Vittorio _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
