I'm not a developer of Bento4 nor an expert in this area, but isn't it normal that there are memory leaks if a program doesn't exit successfully? Correct me if I'm wrong. I'm interested to learn more about this area :)
Someone apparently requested a CVE for this, which got assigned CVE-2018-20407.
Such issues have to be fixed in order to support meaningful testing with ASAN or Valgrind: otherwise it is difficult to distinguish a false positive (when the memory is leaked in the application on purpose) from true errors (when the memory is leaked in a library, or when the application encounters an unexpected error).
Since C++11 it is easier to write code that does not leak memory (thanks to unique_ptr and shared_ptr) than code that leaks it on error but does not on success. However, Bento predates C++11 and uses almost none of the C++ STL or even C++ templates (except in its List and Vector). (There is some beauty in this.)
I have investigated this issue a bit, and after plugging a small, possibly intentional leak in the application it looks like a true leak in the library, but I have not yet figured out the exact cause. Yet it seems that the cause of this issue and #333 is the same.
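The pattern that comment describes (an object leaked on the error path but not on success, versus unique_ptr ownership) is shown below as an added example; it is not Bento4 code and not the cause of this issue, which the thread does not identify. The Descriptor type, the [tag][size][payload] format and all function names are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <vector>

// Hypothetical descriptor (not a Bento4 class); counts live objects to expose leaks.
struct Descriptor {
    static int live;
    static Descriptor* last;  // last object constructed, used only for demo cleanup
    uint8_t tag;
    std::vector<uint8_t> payload;
    explicit Descriptor(uint8_t t) : tag(t) { ++live; last = this; }
    ~Descriptor() { --live; }
};
int Descriptor::live = 0;
Descriptor* Descriptor::last = nullptr;
// Constructed format: [tag][size][payload]. Fails if size runs past the buffer.
static bool ReadPayload(Descriptor& d, const uint8_t* buf, size_t len) {
    if (len < 2 || static_cast<size_t>(buf[1]) > len - 2) return false;
    d.payload.assign(buf + 2, buf + 2 + buf[1]);
    return true;
}

// Raw owning pointer: the early return on a parse error forgets the delete.
Descriptor* CreateRaw(const uint8_t* buf, size_t len) {
    if (len == 0) return nullptr;
    Descriptor* d = new Descriptor(buf[0]);
    if (!ReadPayload(*d, buf, len)) return nullptr;  // leak: d is never freed
    return d;
}

// unique_ptr: the object is destroyed on every exit path, including errors.
std::unique_ptr<Descriptor> CreateOwned(const uint8_t* buf, size_t len) {
    if (len == 0) return nullptr;
    std::unique_ptr<Descriptor> d(new Descriptor(buf[0]));
    if (!ReadPayload(*d, buf, len)) return nullptr;  // d freed here
    return d;
}

// Constructed truncated input: the size byte claims 16 bytes, only 1 follows.
static const uint8_t kTruncated[] = {0x03, 0x10, 0xAA};
// Objects left alive after a failed parse; `raw` selects the factory.
int LeakedAfterFailure(bool raw) {
    int before = Descriptor::live;
    if (raw) CreateRaw(kTruncated, sizeof kTruncated);
    else     CreateOwned(kTruncated, sizeof kTruncated);
    int leaked = Descriptor::live - before;
    if (raw && leaked) delete Descriptor::last;  // reclaim so the demo stays clean
    return leaked;
}
```

The live counter stands in for what ASAN or Valgrind would report: one object survives the failed parse in the raw-pointer factory, none in the unique_ptr one.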
Things would definitely be easier by leveraging some of the more recent features of "modern" C++. But the code base started in 2002, 17 years ago! C++ was quite different then. Since the code base has been pretty stable over the years, there's little motivation to go back and re-write it with STL classes. I do, however, welcome any bug report like this, as any memory leak should be an error that's fixable. The class library itself should have 0 memory leaks. Some of the command line apps are a bit more relaxed that way, since exiting on error keeps the code simple, relying on the OS to reclaim the memory when the process exits.
A crafted input will lead to memory leaks in Ap4DescriptorFactory.cpp at Bento4 1.5.1-627.
Triggered by
./mp42hls crash3.mp4
Poc
crash3.zip
Bento4 Version 1.5.1-627
The ASAN information is as follows:
FoundBy: yjiiit@aliyun.com