From mboxrd@z Thu Jan 1 00:00:00 1970 From: noreply@alsa-project.org Subject: [ALSA - lib 0000389]: random buffer snd_output_t issues Date: Thu, 15 Jul 2004 20:14:56 +0200 (CEST) Sender: alsa-devel-admin@lists.sourceforge.net Message-ID: <20040715181456.CD3C519004@server.perex-int.cz> Content-Type: text/plain; charset=iso-8859-1 Return-path: Received: from mail.perex.cz (gate.perex.cz [82.113.61.162]) by alsa.alsa-project.org (ALSA's E-mail Delivery System) with ESMTP id 12E32217 for ; Thu, 15 Jul 2004 20:14:57 +0200 (MEST) Received: from server.perex-int.cz (server.perex-int.cz [192.168.100.2]) by gate.perex-int.cz (Perex's E-mail Delivery System) with ESMTP id DC4671239C for ; Thu, 15 Jul 2004 20:14:56 +0200 (MEST) Errors-To: alsa-devel-admin@lists.sourceforge.net List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , List-Archive: To: alsa-devel@alsa-project.org List-Id: alsa-devel@alsa-project.org A BUGNOTE has been added to this bug. ====================================================================== https://bugtrack.alsa-project.org/alsa-bug/bug_view_page.php?bug_id=0000389 ====================================================================== Reported By: Benjamin Otte Assigned To: ====================================================================== Project: ALSA - lib Bug ID: 389 Category: general Reproducibility: always Severity: crash Priority: normal Status: new ====================================================================== Date Submitted: 07-15-2004 20:09 CEST Last Modified: 07-15-2004 20:14 CEST ====================================================================== Summary: random buffer snd_output_t issues Description: There are several issues with using a snd_output_t acquired from snd_output_buffer_open(). These cause random segfaults because of writing/reading invalid memory. The attached patch fixes those issues. ====================================================================== ---------------------------------------------------------------------- Benjamin Otte - 07-15-2004 20:14 CEST ---------------------------------------------------------------------- patch to fix the issues. These include: - snd_output_buffer_need might not resize the buffer to be big enough, if huge sizes are required. - calculating the needed buffer size does not take care of the terminating null byte vsprintf puts at the end. So in rare cases, the buffer is exactly one byte too small. Use vsnprintf instead to guard against these problems. - snd_output_buffer_print does not correct the size member for the number of bytes added. Bug History Date Modified Username Field Change ====================================================================== 07-15-04 20:09 Benjamin Otte New Bug 07-15-04 20:09 Benjamin Otte File Added: test-overwrite.c 07-15-04 20:14 Benjamin Otte Bugnote Added: 0001438 ====================================================================== ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click