From bf58b41e90f1062f426346182c9875576016ebeb Mon Sep 17 00:00:00 2001 From: John Stebbins Date: Wed, 13 Apr 2016 10:07:52 -0600 Subject: [PATCH] qsv: fix access to freed memory when interrupting encode --- libhb/enc_qsv.c | 78 ++++++++++++++++++++++++------------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/libhb/enc_qsv.c b/libhb/enc_qsv.c index 15d7b6bd5..5e1a77824 100644 --- a/libhb/enc_qsv.c +++ b/libhb/enc_qsv.c @@ -1424,58 +1424,58 @@ void encqsvClose(hb_work_object_t *w) av_qsv_context *qsv_ctx = pv->job->qsv.ctx; av_qsv_space *qsv_enc_space = pv->job->qsv.ctx->enc_space; - if (qsv_enc_space != NULL) + if (qsv_ctx != NULL) { - if (qsv_enc_space->is_init_done) + /* Unload MFX plug-ins */ + if (MFXQueryVersion(qsv_ctx->mfx_session, &version) == MFX_ERR_NONE) + { + hb_qsv_unload_plugins(&pv->loaded_plugins, qsv_ctx->mfx_session, version); + } + + /* QSV context cleanup and MFXClose */ + av_qsv_context_clean(qsv_ctx); + + if (qsv_enc_space != NULL) { - for (i = av_qsv_list_count(qsv_enc_space->tasks); i > 1; i--) + if (qsv_enc_space->is_init_done) { - av_qsv_task *task = av_qsv_list_item(qsv_enc_space->tasks, - i - 1); - if (task != NULL) + for (i = av_qsv_list_count(qsv_enc_space->tasks); i > 1; i--) { - if (task->bs != NULL) + av_qsv_task *task = av_qsv_list_item(qsv_enc_space->tasks, + i - 1); + if (task != NULL) { - av_freep(&task->bs->Data); + if (task->bs != NULL) + { + av_freep(&task->bs->Data); + } + av_qsv_list_rem(qsv_enc_space->tasks, task); + av_freep(&task->bs); + av_freep(&task); } - av_qsv_list_rem(qsv_enc_space->tasks, task); - av_freep(&task->bs); - av_freep(&task); } - } - av_qsv_list_close(&qsv_enc_space->tasks); + av_qsv_list_close(&qsv_enc_space->tasks); - for (i = 0; i < qsv_enc_space->surface_num; i++) - { - if (pv->is_sys_mem) + for (i = 0; i < qsv_enc_space->surface_num; i++) { - av_freep(&qsv_enc_space->p_surfaces[i]->Data.VU); - av_freep(&qsv_enc_space->p_surfaces[i]->Data.Y); + if (pv->is_sys_mem) + { + av_freep(&qsv_enc_space->p_surfaces[i]->Data.VU); + av_freep(&qsv_enc_space->p_surfaces[i]->Data.Y); + } + av_freep(&qsv_enc_space->p_surfaces[i]); } - av_freep(&qsv_enc_space->p_surfaces[i]); - } - qsv_enc_space->surface_num = 0; + qsv_enc_space->surface_num = 0; - for (i = 0; i < qsv_enc_space->sync_num; i++) - { - av_freep(&qsv_enc_space->p_syncp[i]->p_sync); - av_freep(&qsv_enc_space->p_syncp[i]); + for (i = 0; i < qsv_enc_space->sync_num; i++) + { + av_freep(&qsv_enc_space->p_syncp[i]->p_sync); + av_freep(&qsv_enc_space->p_syncp[i]); + } + qsv_enc_space->sync_num = 0; } - qsv_enc_space->sync_num = 0; + qsv_enc_space->is_init_done = 0; } - qsv_enc_space->is_init_done = 0; - } - - if (qsv_ctx != NULL) - { - /* Unload MFX plug-ins */ - if (MFXQueryVersion(qsv_ctx->mfx_session, &version) == MFX_ERR_NONE) - { - hb_qsv_unload_plugins(&pv->loaded_plugins, qsv_ctx->mfx_session, version); - } - - /* QSV context cleanup and MFXClose */ - av_qsv_context_clean(qsv_ctx); if (pv->is_sys_mem) { -- 2.40.0