Skip to content

vout: fix possible crash

Romain Vimont requested to merge rom1v/vlc:fix_vout_crash into master

If UpdateCurrentPicture() returns false, then sys->displayed.current may be NULL. If this is the case, do not call RenderPicture(), it would crash:

==73882==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000178 (pc 0x7fac79213282 bp 0x7fac37b9c9b0 sp 0x7fac37b9c990 T386)
==73882==The signal is caused by a WRITE memory access.
==73882==Hint: address points to the zero page.
    #0 0x7fac79213282 in vlc_atomic_rc_inc ../../include/vlc_atomic.h:57
    #1 0x7fac792135dc in picture_Hold ../../include/vlc_picture.h:363
    #2 0x7fac79221c1a in FilterPictureInteractive ../../src/video_output/video_output.c:1061
    #3 0x7fac79224e0a in RenderPicture ../../src/video_output/video_output.c:1247
    #4 0x7fac79227b8e in DisplayPicture ../../src/video_output/video_output.c:1466
    #5 0x7fac7922d0ff in Thread ../../src/video_output/video_output.c:1794
    #6 0x7fac780a7fd3 in start_thread nptl/pthread_create.c:442
    #7 0x7fac7812866b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

This may happen when stopping a video.

Merge request reports