[PR #1792] [MERGED] fix(matroska): add memory safety checks and fix memory leaks #2524

New Issue

claunia · 2026-01-29T17:22:36Z

claunia commented

2026-01-29 17:22:36 +00:00

📋 Pull Request Information

Original PR: https://github.com/CCExtractor/ccextractor/pull/1792
Author: @cfsmp3
Created: 12/12/2025
Status: ✅ Merged
Merged: 12/12/2025
Merged by: @cfsmp3

Base: master ← Head: fix/matroska-memory-safety

📝 Commits (1)

877156c fix(matroska): add memory safety checks and fix memory leaks

📊 Changes

1 file changed (+107 additions, -21 deletions)

View changed files

📝 src/lib_ccx/matroska.c (+107 -21)

📄 Description

Summary

This PR addresses multiple memory safety issues in the Matroska parser (src/lib_ccx/matroska.c) identified through static analysis using cppcheck.

Issues Fixed

Category	Count	Severity
Null pointer after malloc	15	HIGH
Buffer overflow risk	3	HIGH
Memory leaks	7	MEDIUM
Realloc error handling	3	HIGH
Use-after-free	1	CRITICAL
Missing free	2	MEDIUM

Details

Null pointer dereference after malloc (15 fixes)

Added null checks after all malloc/calloc calls
Uses EXIT_NOT_ENOUGH_MEMORY (exit code 500) for OOM conditions

Buffer overflow fixes (3 fixes)

generate_timestamp_ass_ssa(): Buffer 15→32 bytes, sprintf→snprintf
save_sub_track(): number[] buffer 9→16 bytes, sprintf→snprintf
generate_filename_from_track(): Dynamic buffer size calculation

Memory leak fixes (7 fixes)

Fixed leaks of read_vint_block_string() return values in parse_ebml() and parse_segment_info()
Fixed leak in parse_segment_track_entry() where lang was reassigned without freeing
Fixed leak in save_sub_track() where text pointer was advanced, losing original allocation

Realloc error handling (3 fixes)

Used temporary variable to preserve original pointer if realloc fails

Use-after-free fix (1 fix)

matroska_loop(): Saved values before matroska_free_all(), then used saved values

Missing free fixes (2 fixes)

Added free(track->sentences) in free_sub_track()
Added free(mkv_ctx->sub_tracks) in matroska_free_all()

Test plan

Code compiles without warnings from matroska.c
Test with sample MKV files containing subtitles
Run with valgrind to verify no memory leaks

🤖 Generated with Claude Code

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/CCExtractor/ccextractor/pull/1792 **Author:** [@cfsmp3](https://github.com/cfsmp3) **Created:** 12/12/2025 **Status:** ✅ Merged **Merged:** 12/12/2025 **Merged by:** [@cfsmp3](https://github.com/cfsmp3) **Base:** `master` ← **Head:** `fix/matroska-memory-safety` --- ### 📝 Commits (1) - [`877156c`](https://github.com/CCExtractor/ccextractor/commit/877156c59032510e1d0e71913f4207c326db3cc3) fix(matroska): add memory safety checks and fix memory leaks ### 📊 Changes **1 file changed** (+107 additions, -21 deletions) <details> <summary>View changed files</summary> 📝 `src/lib_ccx/matroska.c` (+107 -21) </details> ### 📄 Description ## Summary This PR addresses multiple memory safety issues in the Matroska parser (`src/lib_ccx/matroska.c`) identified through static analysis using cppcheck. ### Issues Fixed | Category | Count | Severity | |----------|-------|----------| | Null pointer after malloc | 15 | HIGH | | Buffer overflow risk | 3 | HIGH | | Memory leaks | 7 | MEDIUM | | Realloc error handling | 3 | HIGH | | Use-after-free | 1 | CRITICAL | | Missing free | 2 | MEDIUM | ### Details **Null pointer dereference after malloc (15 fixes)** - Added null checks after all `malloc`/`calloc` calls - Uses `EXIT_NOT_ENOUGH_MEMORY` (exit code 500) for OOM conditions **Buffer overflow fixes (3 fixes)** - `generate_timestamp_ass_ssa()`: Buffer 15→32 bytes, sprintf→snprintf - `save_sub_track()`: number[] buffer 9→16 bytes, sprintf→snprintf - `generate_filename_from_track()`: Dynamic buffer size calculation **Memory leak fixes (7 fixes)** - Fixed leaks of `read_vint_block_string()` return values in `parse_ebml()` and `parse_segment_info()` - Fixed leak in `parse_segment_track_entry()` where `lang` was reassigned without freeing - Fixed leak in `save_sub_track()` where text pointer was advanced, losing original allocation **Realloc error handling (3 fixes)** - Used temporary variable to preserve original pointer if realloc fails **Use-after-free fix (1 fix)** - `matroska_loop()`: Saved values before `matroska_free_all()`, then used saved values **Missing free fixes (2 fixes)** - Added `free(track->sentences)` in `free_sub_track()` - Added `free(mkv_ctx->sub_tracks)` in `matroska_free_all()` ## Test plan - [x] Code compiles without warnings from matroska.c - [ ] Test with sample MKV files containing subtitles - [ ] Run with valgrind to verify no memory leaks 🤖 Generated with [Claude Code](https://claude.com/claude-code) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

claunia added the pull-request label 2026-01-29 17:22:36 +00:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/ccextractor#2524