After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 788759 - qtdemux: fix 'stsd' table leak and nested caps leak
qtdemux: fix 'stsd' table leak and nested caps leak
Status: RESOLVED FIXED
Product: GStreamer
Classification: Platform
Component: gst-plugins-good
git master
Other Linux
: Normal normal
: 1.12.4
Assigned To: GStreamer Maintainers
GStreamer Maintainers
: 790110 790472 (view as bug list)
Depends on:
Blocks:
 
 
Reported: 2017-10-10 09:18 UTC by Jun Xie
Modified: 2017-12-04 09:27 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
fix leak (1.45 KB, patch)
2017-10-10 09:22 UTC, Jun Xie 		none Details | Review
reset reused QtDemuxStream (2.08 KB, patch)
2017-10-17 07:15 UTC, Jun Xie 		none Details | Review
reset reused QtDemuxStream_v2 (2.07 KB, patch)
2017-10-22 10:33 UTC, Jun Xie 		committed Details | Review

Description Jun Xie 2017-10-10 09:18:59 UTC 
typically in DASH/HLS adaptive streaming cases, 'moov' box will be handled in qtdemux multiple times.
An existing QtDemuxStream's 'stsd' will be overwritten without freed.

if an existing QtDemuxStream is found, its 'stsd' tables and related caps need to be freed.
Comment 1 Jun Xie 2017-10-10 09:22:13 UTC 
Created attachment 361221 [details] [review]
fix leak

patch added. please review
Comment 2 Jun Xie 2017-10-16 01:31:04 UTC 
please kindly review the patch.
Comment 3 Sebastian Dröge (slomo) 2017-10-16 07:44:25 UTC 
Comment on attachment 361221 [details] [review]
fix leak

gst_qtdemux_stream_clear() also unrefs the rgb8_palette field but does not free anything else, and it also clears various other fields (are any of the others ones needed here too? The protection ones maybe?). Maybe refactor the above into a separate function that is also called from stream_clear()?
Comment 4 Jun Xie 2017-10-16 08:59:51 UTC 
(In reply to Sebastian Dröge (slomo) from comment #3)
> Comment on attachment 361221 [details] [review] [review]
> fix leak
> 
> gst_qtdemux_stream_clear() also unrefs the rgb8_palette field but does not
> free anything else, and it also clears various other fields (are any of the
> others ones needed here too? The protection ones maybe?). Maybe refactor the
> above into a separate function that is also called from stream_clear()?



yes, great suggestion.
I will dig more, and sort out what's more need to be freed.
a separate function will be created.
Comment 5 Jun Xie 2017-10-17 07:15:42 UTC 
Created attachment 361713 [details] [review]
reset reused QtDemuxStream
Comment 6 Jun Xie 2017-10-17 07:18:37 UTC 
after digging more, IMHO, QtDemuxStream needs to be reset if reused.

'gst_qtdemux_stream_reset' is newly added, it does:
 1. clear stream 
 2. free stsd entries, and its nested caps

please review.
Comment 7 Sebastian Dröge (slomo) 2017-10-19 13:07:38 UTC 
Review of attachment 361713 [details] [review]:

Don't change the permissions of files.

::: gst/isomp4/qtdemux.c
@@ +2543,3 @@
     }
   }
+  g_free (stream->stsd_entries);

This will crash when called another time, might want to set it to 0 and the number of entries too.
Comment 8 Jun Xie 2017-10-22 10:32:32 UTC 
(In reply to Sebastian Dröge (slomo) from comment #7)
> Review of attachment 361713 [details] [review] [review]:
> 
> Don't change the permissions of files.
> 
> ::: gst/isomp4/qtdemux.c
> @@ +2543,3 @@
>      }
>    }
> +  g_free (stream->stsd_entries);
> 
> This will crash when called another time, might want to set it to 0 and the
> number of entries too.

thanks for reviewing, please review the new patch again.
Comment 9 Jun Xie 2017-10-22 10:33:49 UTC 
Created attachment 362044 [details] [review]
reset reused QtDemuxStream_v2
Comment 10 Jun Xie 2017-11-02 02:35:10 UTC 
hi, slomo,  please review the newly added patch. thanks.
Comment 11 rland 2017-11-09 09:10:44 UTC 
*** Bug 790110 has been marked as a duplicate of this bug. ***
Comment 12 Sebastian Dröge (slomo) 2017-11-17 09:50:38 UTC 
commit 7c8aeff262a58d62ce3ad44ef7a5aec4ae8bacd7 (HEAD -> master)
Author: Jun Xie <jun.xie@samsung.com>
Date:   Sun Oct 22 18:26:12 2017 +0800

    qtdemux: reset reused QtDemuxStream while parsing a new 'trak'
    
    if QtDemuxStream is reused, then we need to reset it.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=788759
Comment 13 Tim-Philipp Müller 2017-12-04 09:27:55 UTC 
*** Bug 790472 has been marked as a duplicate of this bug. ***