From: David Fries <David@Fries.net>
To: Alan Horstmann <gineera@aspect135.co.uk>
Cc: alsa-devel@alsa-project.org
Subject: Re: [PATCH] aplay: fix lurking capture file overwrite bug
Date: Sun, 17 Apr 2016 22:34:46 -0500 [thread overview]
Message-ID: <20160418033446.GC16174@spacedout.fries.net> (raw)
In-Reply-To: <201604152125.37337.gineera@aspect135.co.uk>
On Fri, Apr 15, 2016 at 09:25:37PM +0100, Alan Horstmann wrote:
> On Thursday 14 April 2016 05:32, David Fries wrote:
> > If -d was given to arecord while commit
> > 8aa13eec80eac312e4b99423909387660fb99b8f (now reverted) was in effect,
> > the last read would be shorter than the chunk size, but pcm_read would
> > read and return the chunk size, the samples were discarded, and
> > capture() continued in a loop because count never reached 0. arecord
> > opens a new file each loop iteration, if arecord is dynamically naming
> > files, --use-strftime option or beyond the wave 2GB limit, this will
> > generate a series of header only wave files.
>
> <snip>
>
> > Debian has the effectively broken pcm_read,
>
> It is fortunate for me that you mentioned those details as I have just been
> bitten by exactly that, using arecord whilst tracking down a Portaudio issue
> in Debian Jessie! I was gearing up to report the bug, assuming it was in the
> capture system.
>
> It seems a pity that Debian Jessie stable doesn't have a backport of the
> fix/revert.
Glad to hear I helped.
I filed a Debian bug report with the two patches that would avoid it as
Bug#821048, but it isn't going to be fixed. Denial of service is
usually seen as a security issue, and this bug could run the system
out of inodes, I guess it isn't seen as a high enough priority. I was
able to download and compile 1.1.0-2 on Jessie which doesn't have this
problem.
----------------
Please update to alsa-utils 1.1.0-2 first. In stable there will be
only security patches accepted. Bug closed herewith. Backports are
not maintained from us.
Elimar
----------------
> Now back to tracing the original issue...
>
> Regards
>
> Alan
> _______________________________________________
> Alsa-devel mailing list
> Alsa-devel@alsa-project.org
> http://mailman.alsa-project.org/mailman/listinfo/alsa-devel
--
David Fries <david@fries.net>
prev parent reply other threads:[~2016-04-18 3:34 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-14 4:32 [PATCH] aplay: fix lurking capture file overwrite bug David Fries
2016-04-14 12:36 ` Takashi Iwai
2016-04-15 20:25 ` Alan Horstmann
2016-04-18 3:34 ` David Fries [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160418033446.GC16174@spacedout.fries.net \
--to=david@fries.net \
--cc=alsa-devel@alsa-project.org \
--cc=gineera@aspect135.co.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).