From 2e8bb48ae8de57181b788525f2fdf6fca8461e5f Mon Sep 17 00:00:00 2001 From: wm4 Date: Fri, 2 Feb 2018 17:22:05 +0100 Subject: [PATCH] loadfile: fix crash in some cases of setting --lavfi-complex at runtime The somewhat confusing thing is that many filters (including track->dec) have a public struct, but to free them, you need to free the mp_filter pointer itself (track->dec->f). The assignment wrote to a dangling pointer, instead of removing the dangling pointer. (Other than that, this idiom is actually nice.) --- player/loadfile.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/player/loadfile.c b/player/loadfile.c index 758af41f89..c435f50b7d 100644 --- a/player/loadfile.c +++ b/player/loadfile.c @@ -985,7 +985,7 @@ static void cleanup_deassociated_complex_filters(struct MPContext *mpctx) if (!(track->sink || track->vo_c || track->ao_c)) { if (track->dec && !track->vo_c && !track->ao_c) { talloc_free(track->dec->f); - track->dec->f = NULL; + track->dec = NULL; } track->selected = false; }