Your message dated Sun, 08 Apr 2012 17:02:15 +0000
with message-id <[email protected]>
and subject line Bug#590647: fixed in cdrdao 1:1.2.3-0.3
has caused the Debian Bug report #590647,
regarding gcdmaster: Segfault when trying to play audio
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
590647: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590647
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gcdmaster
Version: 1:1.2.3-0.1
Severity: important
Tags: patch

Hi!

When pressing the "play" button in gcdmaster, the program segfaults with 
the following backtrace:

Program received signal SIGSEGV, Segmentation fault.
__strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:31
31      ../sysdeps/x86_64/multiarch/../strlen.S: No such file or directory.
        in ../sysdeps/x86_64/multiarch/../strlen.S
(gdb) bt
#0  __strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:31
#1  0x00007ffff040a2f6 in _sanitize_matrix (maxchannels=<value optimized out>, 
    matrix=0x30 <Address 0x30 out of bounds>, device=0xa1c8a0)
    at audio_out.c:633
#2  0x00007ffff040a96b in _open_device (driver_id=<value optimized out>, 
    format=0xa1a5e0, options=0x0, file=<value optimized out>)
    at audio_out.c:989
#3  0x0000000000471561 in SoundIF::start (this=0xa19960) at SoundIF-ao.cc:69
#4  0x000000000041a9df in AudioCDProject::playStart (this=0x9a2600, start=0, 
    end=26189519) at AudioCDProject.cc:452
#5  0x000000000041e701 in AudioCDProject::playStart (this=0x9a2600)
    at AudioCDProject.cc:425

Reason:

The constructor fails to initialize the format variable properly. As 
mentioned in

   <http://www.xiph.org/ao/doc/ao_sample_format.html>,

it (currently) consists of the following five entries:

typedef struct {
  int  bits; /* bits per sample */
  int  rate; /* samples per second (in a single channel) */
  int  channels; /* number of audio channels */
  int  byte_format; /* Byte ordering in sample, see constants below */
  char *matrix; /* channel input matrix */
} ao_sample_format;


However, gcdmaster only sets four of them:

  impl_->format.bits = 16;
  impl_->format.rate = 44100;
  impl_->format.channels = 2;
  impl_->format.byte_format = AO_FMT_NATIVE;  

Obviously, matrix isn't defined. The pointer is then later accessed, 
pointing to random addresses and hence triggering sigsegv.

The attached patch fixes this problem. It also does a little bit more: 
it memsets the struct, so all values will be properly initialized, even 
if the definition of the ao_sample_format typedef changes in the future.


Justification for the chosen severity level: the bug has a major effect 
on the usability of this package. Preparing a CD (pre-gaps, track 
boundaries, endings a.s.o.) without being able to listen to the result 
is like drawing something in Gimp without being able to actually see it. 
One would have to work blindly, and this simply doesn't make sense for 
such a package.


Cheerio

PS: This patch needs to be forwarded to upstream (please take care). 
Until it's included in an upcoming release, also update the DEP-3 header 
to point to the right bug number.

-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.30.5
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--- Begin Message ---
--- a/xdao/SoundIF-ao.cc
+++ b/xdao/SoundIF-ao.cc
@@ -22,6 +22,7 @@
 #include "SoundIF.h"
 #include "Sample.h"
 #include "util.h"
+#include <cstring>
 
 class SoundIFImpl
 {
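Review bot: the added `#include <cstring>` is only guaranteed to declare `std::memset`, while the constructor in the next hunk calls unqualified `memset`; whether the global name is also visible depends on the implementation. Either qualify the call as `std::memset` or include `<string.h>` instead.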
@@ -37,10 +38,12 @@ SoundIF::SoundIF()
 
   impl_ = new SoundIFImpl;
   impl_->driverId = ao_default_driver_id();
+  memset(&(impl_->format), 0, sizeof (ao_sample_format));
   impl_->format.bits = 16;
   impl_->format.rate = 44100;
   impl_->format.channels = 2;
   impl_->format.byte_format = AO_FMT_NATIVE;  
+  impl_->format.matrix = NULL;
 }
 
 SoundIF::~SoundIF()
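Review bot: on the `memset` line, `sizeof (ao_sample_format)` repeats the type name rather than measuring the object being cleared; `sizeof impl_->format` keeps the size tied to the member if its type ever changes. A one-line comment saying that the zeroing is there to cover fields added to `ao_sample_format` in later libao versions would also explain why both the `memset` and the explicit `matrix = NULL` are present.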

--- End Message ---

--- End Message ---
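
The failure mode described in the report above, reproduced deterministically as an added example (not part of the original report, cdrdao or libao). `sample_format` is a local stand-in for the quoted `ao_sample_format`; `FMT_NATIVE`, `POISON` and the function names are assumptions, and the pointer is only inspected, never dereferenced.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Local stand-in for the ao_sample_format typedef quoted in the report. */
typedef struct {
  int  bits;
  int  rate;
  int  channels;
  int  byte_format;
  char *matrix;
} sample_format;

#define FMT_NATIVE 4  /* assumed placeholder for AO_FMT_NATIVE */
#define POISON 0xA5   /* constructed byte modelling stale heap contents */

/* Pre-patch constructor body: four fields set, matrix never written. */
static void init_four_fields(sample_format *f) {
  f->bits = 16;
  f->rate = 44100;
  f->channels = 2;
  f->byte_format = FMT_NATIVE;
}

/* Patched constructor body: clear the whole struct, then set the fields. */
static void init_zero_first(sample_format *f) {
  memset(f, 0, sizeof *f);
  init_four_fields(f);
  f->matrix = NULL;
}

/* Returns 1 if the matrix field still holds non-zero bytes after init, i.e. a
   consumer testing "matrix != NULL" would go on to read through it. */
int stale_matrix_after(void (*init)(sample_format *)) {
  sample_format *f = malloc(sizeof *f);
  unsigned char raw[sizeof f->matrix];
  int stale = 0;
  if (!f) return -1;
  memset(f, POISON, sizeof *f);           /* model recycled heap memory */
  init(f);
  memcpy(raw, &f->matrix, sizeof raw);    /* inspect bits, do not dereference */
  for (size_t i = 0; i < sizeof raw; i++) stale |= (raw[i] != 0);
  free(f);
  return stale;
}

int main(void) {
  printf("field-by-field init: stale matrix = %d\n", stale_matrix_after(init_four_fields));
  printf("zero-first init:     stale matrix = %d\n", stale_matrix_after(init_zero_first));
  return 0;
}
```

Building the real program with a memory checker such as Valgrind or MemorySanitizer flags the same read without needing the poison fill.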
--- Begin Message ---
Source: cdrdao
Source-Version: 1:1.2.3-0.3

We believe that the bug you reported is fixed in the latest version of
cdrdao, which is due to be installed in the Debian FTP archive:

cdrdao_1.2.3-0.3.debian.tar.gz
  to main/c/cdrdao/cdrdao_1.2.3-0.3.debian.tar.gz
cdrdao_1.2.3-0.3.dsc
  to main/c/cdrdao/cdrdao_1.2.3-0.3.dsc
cdrdao_1.2.3-0.3_kfreebsd-amd64.deb
  to main/c/cdrdao/cdrdao_1.2.3-0.3_kfreebsd-amd64.deb
gcdmaster_1.2.3-0.3_kfreebsd-amd64.deb
  to main/c/cdrdao/gcdmaster_1.2.3-0.3_kfreebsd-amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Robert Millan <[email protected]> (supplier of updated cdrdao package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


Format: 1.8
Date: Sun, 08 Apr 2012 18:16:02 +0200
Source: cdrdao
Binary: cdrdao gcdmaster
Architecture: source kfreebsd-amd64
Version: 1:1.2.3-0.3
Distribution: unstable
Urgency: low
Maintainer: Christian Hübschi <[email protected]>
Changed-By: Robert Millan <[email protected]>
Description: 
 cdrdao     - records CDs in Disk-At-Once (DAO) mode
 gcdmaster  - GNOME GUI for cdrdao
Closes: 533097 590647 644643
Changes: 
 cdrdao (1:1.2.3-0.3) unstable; urgency=low
 .
   * Non-maintainer upload.
   * 15-kfreebsd-gnu.patch: Fix FTBFS on GNU/kFreeBSD, based on patch from
     Christoph Egger.  (Closes: #644643)
   * 16-gcdmaster-segfault.patch: Fix segfault in gcdmaster, thanks
     Adrian Knoth.  (Closes: #590647)
   * 17-cd-text-hldtst.patch: CD-TEXT support for "HL-DT-ST" "DVDRAM GSA-H42L",
     thanks Kees Cook.  (Closes: #533097)



--- End Message ---
