codecs: h265: Do not free slice header before using it

The v4l2codecs H.265 decoder uses the
GstH265SliceHdr::entry_point_offset_minus1 array so make sure that it is not
freed before decoding the frame.

Before this patch, some H.265 input would segfault in
gst_v4l2_codec_h265_dec_fill_slice_params() when executing the line:

guint32 entry_point_offset = slice_hdr->entry_point_offset_minus1[i] + 1;

Make sure that the array is not freed before using it.

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5499>
This commit is contained in:
Detlev Casanova 2023-10-17 12:42:59 -04:00 committed by Nicolas Dufresne
parent 269ab85881
commit 5f9b24e3ba

View file

@ -881,11 +881,6 @@ gst_h265_decoder_parse_slice (GstH265Decoder * self, GstH265NalUnit * nalu)
if (pres != GST_H265_PARSER_OK) if (pres != GST_H265_PARSER_OK)
return pres; return pres;
/* NOTE: gst_h265_parser_parse_slice_hdr() allocates array
* GstH265SliceHdr::entry_point_offset_minus1 but we don't use it
* in this h265decoder baseclass at the moment
*/
gst_h265_slice_hdr_free (&slice.header);
slice.nalu = *nalu; slice.nalu = *nalu;
if (nalu->type >= GST_H265_NAL_SLICE_BLA_W_LP && if (nalu->type >= GST_H265_NAL_SLICE_BLA_W_LP &&
@ -2104,6 +2099,9 @@ gst_h265_decoder_clear_nalu (GstH265DecoderNalUnit * nalu)
if (!nalu) if (!nalu)
return; return;
if (nalu->is_slice)
gst_h265_slice_hdr_free (&nalu->unit.slice.header);
memset (nalu, 0, sizeof (GstH265DecoderNalUnit)); memset (nalu, 0, sizeof (GstH265DecoderNalUnit));
} }