----- Forwarded message from Don Armstrong <[EMAIL PROTECTED]> -----

Date: Thu, 30 Sep 2004 16:19:41 -0700
From: Don Armstrong <[EMAIL PROTECTED]>
Resent-From: Don Armstrong <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Bug#274301: libflac4 segfaults on corrupt flac files

Severity: normal
Package: libflac4
Version: 1.1.0-11

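Running ogg123 on http://rzlab.ucr.edu/debian/libflac/crash.flac
results in a segfault in libFLAC. In the backtrace below, frame #0 is
called with nvals=4294967293 (2^32 - 3), which matches
partition_samples = 0 and predictor_order = 3 in frame #1; the sample
count appears to have wrapped around as an unsigned value, so the
decoder reads far past the residual buffer: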

(gdb) bt full
#0  0x40205422 in FLAC__bitbuffer_read_rice_signed_block (bb=0x80601b8, 
vals=0x807dd80, nvals=4294967293, parameter=9, 
    read_callback=0x40220080 <read_callback_>, client_data=0x805ba58) at 
bitbuffer.c:2254
        available_bits = 134733184
        buffer = (
    const FLAC__blurb *) 0x8060228 
"o�z\023\017\a��\216���c������vc�\201q\030NE+\030\213�5*�k?�R2�\035�\207iP!�\237��oQ��\207�\202\"�\235\220�\212Us��v��f��\231%\233��qJ��oLF\024�>�j%\237��"
        i = 44552
        j = 8
        val_i = 70816
        cbits = 1
        uval = 631
        msbs = 1
        lsbs_left = 1
        blurb = 158 '\236'
        save_blurb = 196 '�'
        state = 1
#1  0x4021f88d in read_residual_partitioned_rice_ (decoder=0x805ba58, 
predictor_order=3, partition_order=14, partitioned_rice_contents=0x805f478, 
    residual=0x807dd80) at stream_decoder.c:1975
        rice_parameter = 9
        i = 2
        partition = 0
        sample = 0
        u = 4294967293
        partitions = 16384
        partition_samples = 0
#2  0x4021f01f in read_subframe_fixed_ (decoder=0x805ba58, channel=1, bps=16, order=3) 
at stream_decoder.c:1832
        subframe = (FLAC__Subframe_Fixed *) 0x805f988
        i32 = -31667
        u32 = 14
        u = 14
#3  0x4021ecd7 in read_subframe_ (decoder=0x805ba58, channel=1, bps=1) at 
stream_decoder.c:1751
        x = 22
        wasted_bits = 0
#4  0x4021e190 in read_frame_ (decoder=0x805ba58, got_a_frame=0xbffff360) at 
stream_decoder.c:1353
        bps = 4294966980
        channel = 1
        i = 4294966980
        mid = 1
        side = 4608
        left = 8
        frame_crc = 4608
        x = 248
#5  0x4021c6e0 in FLAC__stream_decoder_process_single (decoder=0x805ba58) at 
stream_decoder.c:596
        got_a_frame = 0
#6  0x08053774 in EasyFLAC__process_single (decoder=0x805ba30) at 
../../ogg123/easyflac.c:356
No locals.
#7  0x08052690 in flac_init (source=0x805aa60, ogg123_opts=0x8059d60, 
audio_fmt=0xbffff3e0, callbacks=0xbffff408, callback_arg=0x407ed008)
    at ../../ogg123/flac_format.c:181
        decoder = (decoder_t *) 0x805b990
        private = (flac_private_t *) 0x805b9d0
        ret = -1073745000
#8  0x0804fec0 in play (source_string=0x805b8d0 "crash.flac") at 
../../ogg123/ogg123.c:464
        transport = (transport_t *) 0x80586c0
        format = (format_t *) 0x8058820
        source = (data_source_t *) 0x805aa60
        decoder = (decoder_t *) 0x10000000
        decoder_callbacks = {printf_error = 0x804d0d8 
<decoder_buffered_error_callback>, 
  printf_metadata = 0x804d255 <decoder_buffered_metadata_callback>}
        decoder_callbacks_arg = (void *) 0x407ed008
        old_audio_fmt = {big_endian = 0, word_size = 0, signed_sample = 0, rate = 0, 
channels = 0}
        new_audio_fmt = {big_endian = 0, word_size = 2, signed_sample = 1, rate = 0, 
channels = 0}
        reopen_arg = (audio_reopen_arg_t *) 0x0
        eof = 0
        eos = 0
        ret = 0
        nthc = 0
        ntimesc = 0
        next_status = 0
        status_interval = 0
#9  0x0804fd23 in main (argc=2, argv=0xbffff584) at ../../ogg123/ogg123.c:393
        optind = 1
        playlist_array = (char **) 0x805b8c0
        items = 1
        stat_buf = {st_dev = 2073, __pad1 = 0, st_ino = 3041522, st_mode = 33188, 
st_nlink = 1, st_uid = 1000, st_gid = 1000, st_rdev = 0, __pad2 = 0, 
  st_size = 110592, st_blksize = 4096, st_blocks = 224, st_atim = {tv_sec = 
1096585478, tv_nsec = 271352832}, st_mtim = {tv_sec = 1096585268, 
    tv_nsec = 0}, st_ctim = {tv_sec = 1096585340, tv_nsec = 284815843}, __unused4 = 0, 
__unused5 = 0}
        i = 0
(gdb) info threads
* 1 process 8083  0x40205422 in FLAC__bitbuffer_read_rice_signed_block (bb=0x80601b8, 
vals=0x807dd80, nvals=4294967293, parameter=9, 
    read_callback=0x40220080 <read_callback_>, client_data=0x805ba58) at 
bitbuffer.c:2254
(gdb) 







See http://rzlab.ucr.edu/debian/libflac/core and
http://rzlab.ucr.edu/debian/libflac/ for debugging versions of the
packages used to create the corefile and backtrace.


Don Armstrong

-- 
More than any other time in history, mankind faces a crossroads.
One path leads to despair and utter hopelessness.
The other, to total extinction.
Let us pray we have the wisdom to choose correctly.
 -- Woody Allen

http://www.donarmstrong.com http://rzlab.ucr.edu



----- End forwarded message -----

-- 
 - mdz