From time to time, when the image_pool list has more then 1 element
and I suppose at start, all but 1 pooled ximage are leaked. This is
due to broken algorithm in gst_ximagesink_src_ximage_get(). There was
also a risk of use after free for the case where the ximage size has
changed.
https://bugzilla.gnome.org/show_bug.cgi?id=728502
meta = GST_META_XIMAGE_GET (ximage);
- if ((meta->width != ximagesrc->width) ||
- (meta->height != ximagesrc->height)) {
- gst_ximage_buffer_free (ximage);
- }
-
ximagesrc->buffer_pool = g_slist_delete_link (ximagesrc->buffer_pool,
ximagesrc->buffer_pool);
+
+ if ((meta->width == ximagesrc->width) ||
+ (meta->height == ximagesrc->height))
+ break;
+
+ gst_ximage_buffer_free (ximage);
+ ximage = NULL;
}
g_mutex_unlock (&ximagesrc->pool_lock);