* [FFmpeg-devel] [PATCH v3] avfilter/asrc_sinc: fix leak in config_input()
@ 2025-06-28 7:08 Lidong Yan
2025-06-29 22:29 ` Michael Niedermayer
0 siblings, 1 reply; 3+ messages in thread
From: Lidong Yan @ 2025-06-28 7:08 UTC (permalink / raw)
To: ffmpeg-devel; +Cc: Lidong Yan
In config_input(), fir_to_phase() allocates memory in h[longer], which
would leak if av_calloc() to s->coeffs failed. lpf() allocates memory
in h[0] and h[1], which would leak if fir_to_phase() failed. To fix
this leak, add av_free(h[longer]) in as cleanup code, and replace
return AVERROR* with goto cleanup to prevent from leaks.
Signed-off-by: Lidong Yan <502024330056@smail.nju.edu.cn>
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEaEpkmRYJKwYBBAHaRw8BAQdAGwGqH/Dwod+i6kR0/Rhn5GanJ7wK8mM9tWP/
W2qu8Ti0HTUwMjAyNDMzMDA1NkBzbWFpbC5uanUuZWR1LmNuiJkEExYKAEEWIQQC
zskBcOehk1y8GoKZR31bPD+6owUCaEpkmQIbAwUJBaOagAULCQgHAgIiAgYVCgkI
CwIEFgIDAQIeBwIXgAAKCRCZR31bPD+6o8wHAQCLomsA4XfTd8IdG983gGULUJe/
0432buy4nX7AsAc87QEA+/QIsWTR6XLJaLa1sLSQCsZkb86U3c17JzG9oivL8gW4
OARoSmSZEgorBgEEAZdVAQUBAQdAfYrEAWd+6bOXkKvHpFmMvKzxAtlhm6ZQKdAq
+MlJ7wQDAQgHiHgEGBYKACAWIQQCzskBcOehk1y8GoKZR31bPD+6owUCaEpkmQIb
DAAKCRCZR31bPD+6ozWxAQC9OFisWrP/hHXUfj8AnC39r5pf5fEBz7lHvFgWNk2b
XwD7Bl6kvIIW7ReqtgXvcl7u78vEo+e9YeTGTlmAogjpeQk=
=rP+W
-----END PGP PUBLIC KEY BLOCK-----
---
libavfilter/asrc_sinc.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/libavfilter/asrc_sinc.c b/libavfilter/asrc_sinc.c
index 6ff3303316..63cb04d444 100644
--- a/libavfilter/asrc_sinc.c
+++ b/libavfilter/asrc_sinc.c
@@ -329,7 +329,7 @@ static int config_output(AVFilterLink *outlink)
SincContext *s = ctx->priv;
float Fn = s->sample_rate * .5f;
float *h[2];
- int i, n, post_peak, longer;
+ int i, n, post_peak, longer, ret;
outlink->sample_rate = s->sample_rate;
s->pts = 0;
@@ -360,9 +360,9 @@ static int config_output(AVFilterLink *outlink)
}
if (s->phase != 50.f) {
- int ret = fir_to_phase(s, &h[longer], &n, &post_peak, s->phase);
+ ret = fir_to_phase(s, &h[longer], &n, &post_peak, s->phase);
if (ret < 0)
- return ret;
+ goto cleanup;
} else {
post_peak = n >> 1;
}
@@ -370,16 +370,20 @@ static int config_output(AVFilterLink *outlink)
s->n = 1 << (av_log2(n) + 1);
s->rdft_len = 1 << av_log2(n);
s->coeffs = av_calloc(s->n, sizeof(*s->coeffs));
- if (!s->coeffs)
- return AVERROR(ENOMEM);
+ if (!s->coeffs) {
+ ret = AVERROR(ENOMEM);
+ goto cleanup;
+ }
for (i = 0; i < n; i++)
s->coeffs[i] = h[longer][i];
- av_free(h[longer]);
av_tx_uninit(&s->tx);
av_tx_uninit(&s->itx);
+ ret = 0;
+cleanup:
+ av_free(h[longer]);
return 0;
}
--
2.50.0.108.g6ae0c543ae
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [FFmpeg-devel] [PATCH v3] avfilter/asrc_sinc: fix leak in config_input()
2025-06-28 7:08 [FFmpeg-devel] [PATCH v3] avfilter/asrc_sinc: fix leak in config_input() Lidong Yan
@ 2025-06-29 22:29 ` Michael Niedermayer
2025-06-30 1:19 ` Lidong Yan
0 siblings, 1 reply; 3+ messages in thread
From: Michael Niedermayer @ 2025-06-29 22:29 UTC (permalink / raw)
To: FFmpeg development discussions and patches
[-- Attachment #1.1: Type: text/plain, Size: 2559 bytes --]
On Sat, Jun 28, 2025 at 03:08:36PM +0800, Lidong Yan wrote:
> In config_input(), fir_to_phase() allocates memory in h[longer], which
> would leak if av_calloc() to s->coeffs failed. lpf() allocates memory
> in h[0] and h[1], which would leak if fir_to_phase() failed. To fix
> this leak, add av_free(h[longer]) in as cleanup code, and replace
> return AVERROR* with goto cleanup to prevent from leaks.
>
> Signed-off-by: Lidong Yan <502024330056@smail.nju.edu.cn>
>
> -----BEGIN PGP PUBLIC KEY BLOCK-----
>
> mDMEaEpkmRYJKwYBBAHaRw8BAQdAGwGqH/Dwod+i6kR0/Rhn5GanJ7wK8mM9tWP/
> W2qu8Ti0HTUwMjAyNDMzMDA1NkBzbWFpbC5uanUuZWR1LmNuiJkEExYKAEEWIQQC
> zskBcOehk1y8GoKZR31bPD+6owUCaEpkmQIbAwUJBaOagAULCQgHAgIiAgYVCgkI
> CwIEFgIDAQIeBwIXgAAKCRCZR31bPD+6o8wHAQCLomsA4XfTd8IdG983gGULUJe/
> 0432buy4nX7AsAc87QEA+/QIsWTR6XLJaLa1sLSQCsZkb86U3c17JzG9oivL8gW4
> OARoSmSZEgorBgEEAZdVAQUBAQdAfYrEAWd+6bOXkKvHpFmMvKzxAtlhm6ZQKdAq
> +MlJ7wQDAQgHiHgEGBYKACAWIQQCzskBcOehk1y8GoKZR31bPD+6owUCaEpkmQIb
> DAAKCRCZR31bPD+6ozWxAQC9OFisWrP/hHXUfj8AnC39r5pf5fEBz7lHvFgWNk2b
> XwD7Bl6kvIIW7ReqtgXvcl7u78vEo+e9YeTGTlmAogjpeQk=
> =rP+W
> -----END PGP PUBLIC KEY BLOCK-----
>
> ---
> libavfilter/asrc_sinc.c | 16 ++++++++++------
> 1 file changed, 10 insertions(+), 6 deletions(-)
>
> diff --git a/libavfilter/asrc_sinc.c b/libavfilter/asrc_sinc.c
> index 6ff3303316..63cb04d444 100644
> --- a/libavfilter/asrc_sinc.c
> +++ b/libavfilter/asrc_sinc.c
> @@ -329,7 +329,7 @@ static int config_output(AVFilterLink *outlink)
> SincContext *s = ctx->priv;
> float Fn = s->sample_rate * .5f;
> float *h[2];
> - int i, n, post_peak, longer;
> + int i, n, post_peak, longer, ret;
>
> outlink->sample_rate = s->sample_rate;
> s->pts = 0;
> @@ -360,9 +360,9 @@ static int config_output(AVFilterLink *outlink)
> }
>
> if (s->phase != 50.f) {
> - int ret = fir_to_phase(s, &h[longer], &n, &post_peak, s->phase);
> + ret = fir_to_phase(s, &h[longer], &n, &post_peak, s->phase);
> if (ret < 0)
> - return ret;
> + goto cleanup;
[...]
> +cleanup:
> + av_free(h[longer]);
> return 0;
this is not the correct return code
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Frequently ignored answer#1 FFmpeg bugs should be sent to our bugtracker. User
questions about the command line tools should be sent to the ffmpeg-user ML.
And questions about how to use libav* should be sent to the libav-user ML.
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
[-- Attachment #2: Type: text/plain, Size: 251 bytes --]
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [FFmpeg-devel] [PATCH v3] avfilter/asrc_sinc: fix leak in config_input()
2025-06-29 22:29 ` Michael Niedermayer
@ 2025-06-30 1:19 ` Lidong Yan
0 siblings, 0 replies; 3+ messages in thread
From: Lidong Yan @ 2025-06-30 1:19 UTC (permalink / raw)
To: FFmpeg development discussions and patches
Michael Niedermayer <michael@niedermayer.cc> writes:
> > +cleanup:
> > + av_free(h[longer]);
> > return 0;
>
> this is not the correct return code
>
Sorry about that, gonna fix.
Thanks,
Lidong
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-06-30 1:20 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-06-28 7:08 [FFmpeg-devel] [PATCH v3] avfilter/asrc_sinc: fix leak in config_input() Lidong Yan
2025-06-29 22:29 ` Michael Niedermayer
2025-06-30 1:19 ` Lidong Yan
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git