Bug 1216748 - p2. Handle failed malloc in Metadata storage - r=rillian a=lizzard
authorGerald Squelart <gsquelart@mozilla.com>
Thu, 03 Dec 2015 15:03:27 -0800
changeset 298574 107691986306d93dc7173a32429ea72fd459069e
parent 298573 c288fafdfb4fe809d3e57b964bfbcdd98ccd502c
child 298575 3afbbd31560d734de87f7d37cd24523b123eb92e
push id962
push userjlund@mozilla.com
push dateFri, 04 Dec 2015 23:28:54 +0000
treeherdermozilla-release@23a2d286e80f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersrillian, lizzard
bugs1216748
milestone43.0
Bug 1216748 - p2. Handle failed malloc in Metadata storage - r=rillian a=lizzard
media/libstagefright/frameworks/av/include/media/stagefright/MetaData.h
media/libstagefright/frameworks/av/media/libstagefright/MetaData.cpp
--- a/media/libstagefright/frameworks/av/include/media/stagefright/MetaData.h
+++ b/media/libstagefright/frameworks/av/include/media/stagefright/MetaData.h
@@ -243,17 +243,17 @@ private:
             void *ext_data;
             float reservoir;
         } u;
 
         bool usesReservoir() const {
             return mSize <= sizeof(u.reservoir);
         }
 
-        void allocateStorage(size_t size);
+        bool allocateStorage(size_t size);
         void freeStorage();
 
         void *storage() {
             return usesReservoir() ? &u.reservoir : u.ext_data;
         }
 
         const void *storage() const {
             return usesReservoir() ? &u.reservoir : u.ext_data;
--- a/media/libstagefright/frameworks/av/media/libstagefright/MetaData.cpp
+++ b/media/libstagefright/frameworks/av/media/libstagefright/MetaData.cpp
@@ -215,73 +215,84 @@ bool MetaData::findData(uint32_t key, ui
     const typed_data &item = mItems.valueAt(i);
 
     item.getData(type, data, size);
 
     return true;
 }
 
 MetaData::typed_data::typed_data()
-    : mType(0),
+    : mType(TYPE_NONE),
       mSize(0) {
 }
 
 MetaData::typed_data::~typed_data() {
     clear();
 }
 
 MetaData::typed_data::typed_data(const typed_data &from)
     : mType(from.mType),
       mSize(0) {
-    allocateStorage(from.mSize);
-    memcpy(storage(), from.storage(), mSize);
+    if (allocateStorage(from.mSize)) {
+        memcpy(storage(), from.storage(), mSize);
+    }
 }
 
 MetaData::typed_data &MetaData::typed_data::operator=(
         const MetaData::typed_data &from) {
     if (this != &from) {
         clear();
-        mType = from.mType;
-        allocateStorage(from.mSize);
-        memcpy(storage(), from.storage(), mSize);
+        if (allocateStorage(from.mSize)) {
+            mType = from.mType;
+            memcpy(storage(), from.storage(), mSize);
+        }
     }
 
     return *this;
 }
 
 void MetaData::typed_data::clear() {
     freeStorage();
 
-    mType = 0;
+    mType = TYPE_NONE;
 }
 
 void MetaData::typed_data::setData(
         uint32_t type, const void *data, size_t size) {
     clear();
 
-    mType = type;
-    allocateStorage(size);
-    memcpy(storage(), data, size);
+    if (allocateStorage(size)) {
+        mType = type;
+        memcpy(storage(), data, size);
+    }
 }
 
 void MetaData::typed_data::getData(
         uint32_t *type, const void **data, size_t *size) const {
     *type = mType;
     *size = mSize;
     *data = storage();
 }
 
-void MetaData::typed_data::allocateStorage(size_t size) {
+bool MetaData::typed_data::allocateStorage(size_t size) {
+    // Update mSize now, as it is needed by usesReservoir() below.
+    // (mSize will be reset if the allocation fails further below.)
     mSize = size;
 
     if (usesReservoir()) {
-        return;
+        return true;
     }
 
     u.ext_data = malloc(mSize);
+    if (!u.ext_data) {
+      mType = TYPE_NONE;
+      mSize = 0;
+      return false;
+    }
+    return true;
 }
 
 void MetaData::typed_data::freeStorage() {
     if (!usesReservoir()) {
         if (u.ext_data) {
             free(u.ext_data);
             u.ext_data = NULL;
         }