[CELT-dev] Memory leak when specifying invalid channels count

Jean-Marc Valin jmvalin at jmvalin.ca
Sat Jan 29 12:17:59 PST 2011


Hi Bjoern,

Thanks for reporting this. You're correct about the problem, although 
the solution is to change celt_encoder_create() because the array passed 
to celt_encoder_init() isn't guaranteed to be malloc()ed.

Cheers,

	Jean-Marc

On 11-01-29 11:36 AM, Bjoern Damstedt Rasmussen wrote:
> Hi
>
> I minor issue I noticed when I passed an invalid 'channels' parameter
> to celt_encoder_create() is that celt_encoder_init() doesn't free
> the CELTEncoder ('st' parameter) when 'if (channels < 0 || channels >
> 2)' evaluates to true.
>
> Seems celt_encoder_init() should do like this instead:
>
> CELTEncoder *celt_encoder_init(CELTEncoder *st, const CELTMode *mode,
> int channels, int *error)
> {
>     if (channels < 0 || channels > 2)
>     {
>        if (error)
>           *error = CELT_BAD_ARG;
>        celt_free(st); /* ensure 'st' is deallocated */
>        return NULL;
>     }
>
>
> Or maybe even better have celt_encoder_init() allocate the CELTEncoder
> so it's only created if the input is valid.
>
> -- Bjoern
>
>
>
> _______________________________________________
> celt-dev mailing list
> celt-dev at xiph.org
> http://lists.xiph.org/mailman/listinfo/celt-dev



More information about the celt-dev mailing list