ref: 47886aed9f041eaa484460893ba6bdd77f270ee7
parent: 914bf5843f6d52cdca135ab5c4e70ed85f56d54a
author: Janne Grunau <janne-vlc@jannau.net>
date: Wed Oct 3 10:38:44 EDT 2018
decode_frame: unref everything on decoding errors Fixes frame ref leak with crash-5f55445c56a36f28259bc742dd08b2c5ba42045d.
--- a/src/decode.c
+++ b/src/decode.c
@@ -2237,6 +2237,7 @@
int decode_frame(Dav1dFrameContext *const f) {const Dav1dContext *const c = f->c;
+ int retval = -EINVAL;
if (f->n_tc > 1) { if (f->frame_hdr.tiling.cols * f->sbh > f->tile_thread.titsati_sz) {@@ -2650,6 +2651,8 @@
dav1d_thread_picture_signal(&f->cur, UINT_MAX, PLANE_TYPE_ALL);
+ retval = 0;
+error:
for (int i = 0; i < 7; i++) {if (f->refp[i].p.data[0])
dav1d_thread_picture_unref(&f->refp[i]);
@@ -2668,13 +2671,7 @@
for (int i = 0; i < f->n_tile_data; i++)
dav1d_data_unref(&f->tile[i].data);
- return 0;
-
-error:
- for (int i = 0; i < f->n_tile_data; i++)
- dav1d_data_unref(&f->tile[i].data);
-
- return -EINVAL;
+ return retval;
}
int submit_frame(Dav1dContext *const c) {