From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
To: ffmpeg-devel@ffmpeg.org
Subject: Re: [FFmpeg-devel] [PATCH 1/2] avfilter/signature_lookup: dont leave uncleared pointers in sll_free()
Date: Tue, 6 Feb 2024 11:36:13 +0100
Message-ID: <AS8P250MB07448759C3AB7850DE6A6B628F462@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <20240206004001.GV6420@pb2>
Michael Niedermayer:
> On Mon, Feb 05, 2024 at 12:51:57PM +0100, Andreas Rheinhardt wrote:
>> Michael Niedermayer:
>>> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
>>> ---
>>> libavfilter/signature_lookup.c | 21 ++++++++++-----------
>>> 1 file changed, 10 insertions(+), 11 deletions(-)
>>>
>>> diff --git a/libavfilter/signature_lookup.c b/libavfilter/signature_lookup.c
>>> index 86dd0c66754..52a97e1bc7e 100644
>>> --- a/libavfilter/signature_lookup.c
>>> +++ b/libavfilter/signature_lookup.c
>>> @@ -37,6 +37,15 @@
>>> #define STATUS_END_REACHED 1
>>> #define STATUS_BEGIN_REACHED 2
>>>
>>> +static void sll_free(MatchingInfo **sll)
>>> +{
>>> + while (*sll) {
>>> + MatchingInfo *tmp = *sll;
>>> + *sll = (*sll)->next;
>>> + av_free(tmp);
>>> + }
>>
>> This does not clear the pointers at all. This does (and avoids
>> indirections).
>>
>> static void sll_free(MatchingInfo **sllp)
>> {
>> MatchingInfo *sll = *sllp;
>>
>> *sllp = NULL;
>> while (sll) {
>> MatchingInfo *tmp = sll;
>> sll = sll->next;
>> av_free(tmp);
>> }
>> }
>
> I tried it with code below, but your code is not different from mine in behavior just more complex
>
Your code indeed resets the pointer; it overwrites the pointer once per
loop iteration and so sets it to NULL in the last iteration. I somehow
overlooked that.
I actually consider your code more complex (my code resets the original
pointer and directly traverses the list, your code does the same, but in
between it overwrites the original pointer to store the next pointer
instead of using a simple stack variable for this purpose).
Apply as you wish.
> output:
> (nil) 0x560e8daad2c0 (nil)
> vs.
> (nil) 0x557ae6e472c0 (nil)
>
> sll_free_n2() is simpler and will clear all, the reason i did not
> propose it, is its recursive and can hit stack space limits in principle
> sll_free_n3() and sll_free_n4() are other options that will clear all
> but maybe every choice contains bugs, i didnt really test them with more than one testcase
sll_free_n2() is not recursive.
>
> -----------
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
>
> #define FFSWAP(type,a,b) do{type SWAP_tmp= b; b= a; a= SWAP_tmp;}while(0)
>
> static void av_free(void *ptr)
> {
> free(ptr);
> }
>
> static void av_freep(void *arg)
> {
> void *val;
>
> memcpy(&val, arg, sizeof(val));
> memcpy(arg, &(void *){ NULL }, sizeof(val));
> av_free(val);
> }
>
>
> typedef struct MatchingInfo {
> struct MatchingInfo *next;
> } MatchingInfo;
>
>
> static void sll_free_n(MatchingInfo **sll)
> {
> while (*sll) {
> MatchingInfo *tmp = *sll;
> *sll = (*sll)->next;
> av_free(tmp);
> }
> }
>
> static void sll_free_n2(MatchingInfo **sll)
> {
> if (*sll)
> sll_free_n(&(*sll)->next);
> av_freep(sll);
> }
>
> static void sll_free_n3(MatchingInfo **sll)
> {
> while (*sll) {
> MatchingInfo *tmp = *sll;
> *sll = tmp->next;
> tmp->next = NULL;
> av_free(tmp);
> }
> }
>
> static void sll_free_n4(MatchingInfo **sll)
> {
> MatchingInfo *tmp = NULL;
> while (*sll) {
> FFSWAP(MatchingInfo *, tmp, (*sll)->next);
> av_freep(sll);
> FFSWAP(MatchingInfo *, tmp, *sll);
> }
> }
>
> static void sll_free_r(MatchingInfo **sllp)
> {
> MatchingInfo *sll = *sllp;
>
> *sllp = NULL;
> while (sll) {
> MatchingInfo *tmp = sll;
> sll = sll->next;
> av_free(tmp);
> }
> }
>
> main() {
> MatchingInfo *mi, *m1, *m2;
>
> m1 = mi = malloc(sizeof(MatchingInfo));
> m2 = mi->next = malloc(sizeof(MatchingInfo));
> m2->next= NULL;
>
> sll_free_r(&mi);
>
> printf("%p %p %p\n", mi, m1->next, m2->next);
>
> }
>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2024-02-06 10:34 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-05 11:44 Michael Niedermayer
2024-02-05 11:44 ` [FFmpeg-devel] [PATCH 2/2] avfilter/signature_lookup: Do not dereference NULL pointers after malloc failure Michael Niedermayer
2024-02-11 22:54 ` Michael Niedermayer
2024-02-05 11:51 ` [FFmpeg-devel] [PATCH 1/2] avfilter/signature_lookup: dont leave uncleared pointers in sll_free() Andreas Rheinhardt
2024-02-06 0:40 ` Michael Niedermayer
2024-02-06 10:36 ` Andreas Rheinhardt [this message]
2024-02-06 20:53 ` Michael Niedermayer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AS8P250MB07448759C3AB7850DE6A6B628F462@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM \
--to=andreas.rheinhardt@outlook.com \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git