From 81f5a225f7ce37694b7d93cc9ce20bf1fa706a3a Mon Sep 17 00:00:00 2001 From: Michael Sevakis Date: Sat, 14 Oct 2017 05:59:09 -0400 Subject: [PATCH] Fix plugin core_alloc_maximum functionality One mustn't assume a plugin will only call plugin_get_audio_buffer one time or that the buffer_size pointer is always non-NULL. At least one plugin, pacbox, will call it each time it (re)starts audio, with a NULL param (which is intentional because it only wants to kill audio playback), and leak away all the RAM because the handle gets clobbered by further calls and the memory can't be released. Change-Id: Ic5b94dbc0277c42964ea85b4e9d0302a7c6f1fe4 --- apps/plugin.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/apps/plugin.c b/apps/plugin.c index d14b6468e0..33a46a3d84 100644 --- a/apps/plugin.c +++ b/apps/plugin.c @@ -841,6 +841,7 @@ static const struct plugin_api rockbox_api = { }; static int plugin_buffer_handle; +static size_t plugin_buffer_size; int plugin_load(const char* plugin, const void* parameter) { @@ -1018,15 +1019,26 @@ static void* plugin_get_audio_buffer(size_t *buffer_size) /* dummy ops with no callbacks, needed because by * default buflib buffers can be moved around which must be avoided */ static struct buflib_callbacks dummy_ops; - plugin_buffer_handle = core_alloc_maximum("plugin audio buf", buffer_size, - &dummy_ops); + if (plugin_buffer_handle <= 0) + { + plugin_buffer_handle = core_alloc_maximum("plugin audio buf", + &plugin_buffer_size, + &dummy_ops); + } + + if (buffer_size) + *buffer_size = plugin_buffer_size; + return core_get_data(plugin_buffer_handle); } static void plugin_release_audio_buffer(void) { if (plugin_buffer_handle > 0) + { plugin_buffer_handle = core_free(plugin_buffer_handle); + plugin_buffer_size = 0; + } } /* The plugin wants to stay resident after leaving its main function, e.g.