On Sun, 8 Sep 2013, Luca Barbato wrote:
Passing a pointer provided by memalign, posix_memalign or aligned_alloc to
realloc is known to cause subtle or not so subtle errors resulting in
possible crashes in most libc (the openbsd and windows ones are the
exceptions).
The C99 specification and POSIX state:
"If ptr does not match a pointer returned earlier by calloc(), malloc(),
or realloc() or if the space has previously been deallocated by a call
to free() or realloc(), the behavior is undefined."
The Libav code does not mix av_malloc and av_realloc functions so does
not have the problem. Downstream might be lead by the previous
documentation update to believe it is safe to mix the functions.
It is not.
This partially reverts commit b634b36fcebfe16b837b6c4044f5d5cb99a75040.
---
Here the full text.
libavutil/mem.h | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/libavutil/mem.h b/libavutil/mem.h
index 5eae3cf..dee61b7 100644
--- a/libavutil/mem.h
+++ b/libavutil/mem.h
@@ -100,14 +100,14 @@ av_alloc_size(1, 2) static inline void
*av_malloc_array(size_t nmemb, size_t siz
* Allocate or reallocate a block of memory.
* If ptr is NULL and size > 0, allocate a new block. If
* size is zero, free the memory block pointed to by ptr.
+ * @note Pointers provided by av_malloc family of functions cannot be
+ * passed to av_realloc().
* @param ptr Pointer to a memory block already allocated with
* av_realloc() or NULL.
* @param size Size in bytes of the memory block to be allocated or
* reallocated.
* @return Pointer to a newly-reallocated block or NULL if the block
* cannot be reallocated or the function is used to free the memory block.
- * @note av_realloc() is not guaranteed to maintain the alignment of
- * pointers originating from the av_malloc() family of functions.
* @see av_fast_realloc()
*/
void *av_realloc(void *ptr, size_t size) av_alloc_size(2);
@@ -116,14 +116,14 @@ void *av_realloc(void *ptr, size_t size) av_alloc_size(2);
* Allocate or reallocate an array.
* If ptr is NULL and nmemb > 0, allocate a new block. If
* nmemb is zero, free the memory block pointed to by ptr.
+ * @note Pointers provided by av_malloc family of functions cannot be
+ * passed to av_realloc_array().
* @param ptr Pointer to a memory block already allocated with
* av_realloc() or NULL.
* @param nmemb Number of elements
* @param size Size of the single element
* @return Pointer to a newly-reallocated block or NULL if the block
* cannot be reallocated or the function is used to free the memory block.
- * @note av_realloc_array() is not guaranteed to maintain the alignment of
- * pointers originating from the av_malloc() family of functions.
*/
av_alloc_size(2, 3) void *av_realloc_array(void *ptr, size_t nmemb, size_t
size);
@@ -131,14 +131,14 @@ av_alloc_size(2, 3) void *av_realloc_array(void *ptr,
size_t nmemb, size_t size)
* Allocate or reallocate an array through a pointer to a pointer.
* If *ptr is NULL and nmemb > 0, allocate a new block. If
* nmemb is zero, free the memory block pointed to by ptr.
+ * @note Pointers provided by av_malloc family of functions cannot be
+ * passed to av_reallocp_array().
* @param ptr Pointer to a pointer to a memory block already allocated
* with av_realloc(), or pointer to a pointer to NULL.
* The pointer is updated on success, or freed on failure.
* @param nmemb Number of elements
* @param size Size of the single element
* @return Zero on success, an AVERROR error code on failure.
- * @note av_reallocp_array() is not guaranteed to maintain the alignment of
- * pointers originating from the av_malloc() family of functions.
*/
av_alloc_size(2, 3) int av_reallocp_array(void *ptr, size_t nmemb, size_t size);
--
1.8.3.2
Ok
// Martin
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel
