bufferlist: fix abort due to underflow when creating 0-sized list

gst_buffer_list_new_sized(0) will cause an underflow in a calculation
which then makes it try to allocate huge amounts of memory, which
may lead to aborts.

https://bugzilla.gnome.org/show_bug.cgi?id=795758
This commit is contained in:
Tim-Philipp Müller 2018-05-05 16:16:45 +02:00
parent d06895ce5d
commit a5ecb465a9
2 changed files with 13 additions and 0 deletions

View file

@ -149,6 +149,9 @@ gst_buffer_list_new_sized (guint size)
gsize slice_size;
guint n_allocated;
if (size == 0)
size = 1;
n_allocated = GST_ROUND_UP_16 (size);
slice_size = sizeof (GstBufferList) + (n_allocated - 1) * sizeof (gpointer);

View file

@ -474,6 +474,15 @@ GST_START_TEST (test_calc_size)
GST_END_TEST;
GST_START_TEST (test_new_sized_0)
{
GstBufferList *b = gst_buffer_list_new_sized (0);
gst_buffer_list_unref (b);
}
GST_END_TEST;
static Suite *
gst_buffer_list_suite (void)
{
@ -491,6 +500,7 @@ gst_buffer_list_suite (void)
tcase_add_test (tc_chain, test_expand_and_remove);
tcase_add_test (tc_chain, test_get_writable);
tcase_add_test (tc_chain, test_calc_size);
tcase_add_test (tc_chain, test_new_sized_0);
return s;
}