ximagesrc: Fix ximage leaks when buffer has more then one ximage

From time to time, when the image_pool list has more then 1 element
and I suppose at start, all but 1 pooled ximage are leaked. This is
due to broken algorithm in gst_ximagesink_src_ximage_get(). There was
also a risk of use after free for the case where the ximage size has
changed.

https://bugzilla.gnome.org/show_bug.cgi?id=728502

diff --git a/sys/ximage/gstximagesrc.c b/sys/ximage/gstximagesrc.c
index cdb4a1d..17f4a4e 100644 (file)
--- a/sys/ximage/gstximagesrc.c
+++ b/sys/ximage/gstximagesrc.c
@@ -460,13 +460,15 @@ gst_ximage_src_ximage_get (GstXImageSrc * ximagesrc)
 
     meta = GST_META_XIMAGE_GET (ximage);
 
-    if ((meta->width != ximagesrc->width) ||
-        (meta->height != ximagesrc->height)) {
-      gst_ximage_buffer_free (ximage);
-    }
-
     ximagesrc->buffer_pool = g_slist_delete_link (ximagesrc->buffer_pool,
         ximagesrc->buffer_pool);
+
+    if ((meta->width == ximagesrc->width) ||
+        (meta->height == ximagesrc->height))
+      break;
+
+    gst_ximage_buffer_free (ximage);
+    ximage = NULL;
   }
   g_mutex_unlock (&ximagesrc->pool_lock);