[libcamera-devel] [PATCH 13/15] v4l2: v4l2_camera: Clear pending requests on freeBuffers
Paul Elder
paul.elder at ideasonboard.com
Tue Jun 16 15:12:42 CEST 2020
V4L2 allows buffer queueing before streamon while libcamera does not.
The compatibility layer thus saves these buffers in a pending queue
until streamon, and then automatically queues them. However, this
pending queue is not cleared when the buffers a freed, so if buffers are
queued, the stream is not started, buffers are freed, more buffers are
queued, and the stream is finally started, then the first set of buffers
will be used-after-free. Fix this by clearing the pending quest queue
upon the buffers being freed.
Signed-off-by: Paul Elder <paul.elder at ideasonboard.com>
---
src/v4l2/v4l2_camera.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/v4l2/v4l2_camera.cpp b/src/v4l2/v4l2_camera.cpp
index f0ec54b..bae270a 100644
--- a/src/v4l2/v4l2_camera.cpp
+++ b/src/v4l2/v4l2_camera.cpp
@@ -155,6 +155,7 @@ void V4L2Camera::freeBuffers()
Stream *stream = *camera_->streams().begin();
bufferAllocator_->free(stream);
+ pendingRequests_.clear();
}
FileDescriptor V4L2Camera::getBufferFd(unsigned int index)
--
2.27.0
More information about the libcamera-devel
mailing list