mem: fix pointer pointer aliasing violations

This uses explicit memory copying to read and write pointer to pointers of arbitrary object types. This works provided that the architecture uses the same representation for all pointer types (the previous code made that assumption already anyway). Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
author: Rémi Denis-Courmont <remi@remlab.net> 2015-01-26 21:17:31 +0200
committer: Luca Barbato <lu_zero@gentoo.org> 2015-02-01 02:28:40 +0100
commit: 60392480181f24ebf3ab48d8ac3614705de90152 (patch)
tree: b3a200106be1f4aadcf7dee6173577f6d6de4a17
parent: f726fc21ef76a8ba3445448066f7b2a687fbca16 (diff)
download: ffmpeg-60392480181f24ebf3ab48d8ac3614705de90152.tar.gz
1 files changed, 19 insertions, 13 deletions
diff --git a/libavutil/mem.c b/libavutil/mem.c
index b7bb65c139..15c28808c1 100644
--- a/libavutil/mem.c
+++ b/libavutil/mem.c
@@ -139,21 +139,22 @@ void *av_realloc(void *ptr, size_t size)
 
 int av_reallocp(void *ptr, size_t size)
 {
-    void **ptrptr = ptr;
-    void *ret;
+    void *val;
 
     if (!size) {
         av_freep(ptr);
         return 0;
     }
-    ret = av_realloc(*ptrptr, size);
 
-    if (!ret) {
+    memcpy(&val, ptr, sizeof(val));
+    val = av_realloc(val, size);
+
+    if (!val) {
         av_freep(ptr);
         return AVERROR(ENOMEM);
     }
 
-    *ptrptr = ret;
+    memcpy(ptr, &val, sizeof(val));
     return 0;
 }
 
@@ -166,20 +167,23 @@ void *av_realloc_array(void *ptr, size_t nmemb, size_t size)
 
 int av_reallocp_array(void *ptr, size_t nmemb, size_t size)
 {
-    void **ptrptr = ptr;
-    void *ret;
+    void *val;
+
     if (!size || nmemb >= INT_MAX / size)
         return AVERROR(ENOMEM);
     if (!nmemb) {
         av_freep(ptr);
         return 0;
     }
-    ret = av_realloc(*ptrptr, nmemb * size);
-    if (!ret) {
+
+    memcpy(&val, ptr, sizeof(val));
+    val = av_realloc(val, nmemb * size);
+    if (!val) {
         av_freep(ptr);
         return AVERROR(ENOMEM);
     }
-    *ptrptr = ret;
+
+    memcpy(ptr, &val, sizeof(val));
     return 0;
 }
 
@@ -197,9 +201,11 @@ void av_free(void *ptr)
 
 void av_freep(void *arg)
 {
-    void **ptr = (void **)arg;
-    av_free(*ptr);
-    *ptr = NULL;
+    void *val;
+
+    memcpy(&val, arg, sizeof(val));
+    memcpy(arg, &(void *){ NULL }, sizeof(val));
+    av_free(val);
 }
 
 void *av_mallocz(size_t size)
author	Rémi Denis-Courmont <remi@remlab.net>	2015-01-26 21:17:31 +0200
committer	Luca Barbato <lu_zero@gentoo.org>	2015-02-01 02:28:40 +0100
commit	60392480181f24ebf3ab48d8ac3614705de90152 (patch)
tree	b3a200106be1f4aadcf7dee6173577f6d6de4a17
parent	f726fc21ef76a8ba3445448066f7b2a687fbca16 (diff)
download	ffmpeg-60392480181f24ebf3ab48d8ac3614705de90152.tar.gz