GNOME Bugzilla – Bug 536475
gdppay memleak and possible crash
Last modified: 2008-06-04 05:58:20 UTC
If gst_gdp_pay_reset_streamheader is called multiple times due to a change of caps:

The new_segment_buf will make a copy of the last new_segment_buf to set as streamheader.
Then the caps are created with the streamheader containing the copy of the new_segment_buf.
And these caps are set on the new_segment_buf.
And it's sent.

This is OK for the first time the _reset function is called. But after that, since this->new_segment_buf exists and its caps are set with a streamheader, when the copy of the new_segment_buf is made, it copies the caps too, and these caps contain a reference to the last new_segment_buf copy. Thus each call to _reset will ref the previous new_segment_buf copy.

Repeating this multiple times causes a buffer leak, and in my case a stack crash when it tries to unref all those buffers.

This could also apply in different ways to caps_buf and tag_buf (by having multiple newsegment or tag events).

Patched by setting to NULL the caps of the copied buffer.
Created attachment 112073
fixes the problem by setting the copy caps to NULL
2008-06-04  Sebastian Dröge  <slomo@circular-chaos.org>

        Patch by: Antoine Tremblay <hexa00 at gmail dot com>

        * gst/gdp/gstgdppay.c: (gst_gdp_pay_reset_streamheader):
        Don't set caps on the buffers that contain a copy of the buffer
        including the caps of them resulting in an always increasing refcount
        of the caps and insanely large caps. Instead include a buffer without
        caps in the new caps. Fixes bug #536475.
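
The reference chain described in this report, as an added example that is not GStreamer code and not part of the attached patch: a toy refcounted buffer/caps model in which each reset either lets the copy keep the caps (the reported behaviour) or clears them (the fix). The names `Buf`, `Caps`, `reset_streamheader` and `copies_alive_after` are hypothetical stand-ins.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy stand-ins for a refcounted buffer and caps; not GStreamer code. */
typedef struct Buf Buf;
typedef struct Caps { int ref; Buf *header; } Caps; /* caps own a streamheader buffer */
struct Buf { int ref; Caps *caps; };                /* a buffer holds a ref on its caps */

static int live_bufs = 0;                           /* buffers currently allocated */

static void buf_unref(Buf *b);
static void caps_unref(Caps *c) {
    if (c && --c->ref == 0) { buf_unref(c->header); free(c); }
}
static void buf_unref(Buf *b) {                     /* recursion depth follows the chain */
    if (b && --b->ref == 0) { caps_unref(b->caps); live_bufs--; free(b); }
}
static Buf *buf_new(void) {
    Buf *b = calloc(1, sizeof *b);
    if (!b) abort();
    b->ref = 1; live_bufs++;
    return b;
}
/* Copying a buffer also copies (refs) its caps unless strip_caps is set. */
static Buf *buf_copy(const Buf *src, int strip_caps) {
    Buf *b = buf_new();
    if (src->caps && !strip_caps) { b->caps = src->caps; b->caps->ref++; }
    return b;
}
/* One reset: copy seg, build caps whose streamheader is the copy, set them on seg. */
static void reset_streamheader(Buf *seg, int strip_caps) {
    Caps *caps = calloc(1, sizeof *caps);
    if (!caps) abort();
    caps->ref = 1;                                  /* this ref ends up owned by seg */
    caps->header = buf_copy(seg, strip_caps);
    caps_unref(seg->caps);                          /* drop seg's previous caps */
    seg->caps = caps;
}
/* Returns how many header copies are still alive after n resets. */
int copies_alive_after(int n, int strip_caps) {
    Buf *seg = buf_new();
    for (int i = 0; i < n; i++) reset_streamheader(seg, strip_caps);
    int alive = live_bufs - 1;                      /* exclude seg itself */
    buf_unref(seg);                                 /* unwinds the whole chain */
    return alive;
}
int main(void) {
    printf("copy keeps caps: %d alive\n", copies_alive_after(1000, 0));
    printf("copy caps NULL:  %d alive\n", copies_alive_after(1000, 1));
    return 0;
}
```

In the model, the final `buf_unref` recurses once per retained copy, which is the shape of the deep unref the reporter describes; with the caps cleared on the copy, only one header copy is ever alive.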