On 22/12/17 21:11, Rocky Bernstein wrote: > Thanks - this helps. > > And the timing is fortuitous as I am about to put out another release. You > can check that the patch was applied > correctly along with the other bug fixes by downloading the tarball at > https://rocky.github.io/libcdio-2.0.0rc1.tar.bz2 >
I've checked https://rocky.github.io/libcdio-2.0.0rc1.tar.bz2 and my patch doesn't seem to have been applied. In fact the line that has been removed is the call to cdtext_destroy(), but that is still required because it does more than just free penv->cdtext. > On Fri, Dec 22, 2017 at 1:59 PM, Chris Clayton <[email protected] > <mailto:[email protected]>> wrote: > > e9340644362825a2133a8a784d1240edeb65df86 changed cdtext_destroy() by > adding a call to free() to release the memory used > by the cdtext_t argument. However, when cdtext_destroy() is called by > get_cd_generic(), the latter then attempts to free > the cdtext_t again, resulting in an double-free error in glibc. (In turn, > that means that it is impossible to play audio > cds with the audacious media player.) The patch below fixes this. > > --- libcdio-1.1.0/lib/driver/_cdio_generic.c.orig 2017-12-08 > 19:42:57.000000000 +0000 > +++ libcdio-1.1.0/lib/driver/_cdio_generic.c 2017-12-22 > 18:47:29.303972609 +0000 > @@ -297,7 +297,6 @@ get_cdtext_generic (void *p_user_data) > if(len <= 0 || 0 != cdtext_data_init (p_env->cdtext, > &p_cdtext_data[4], len)) { > p_env->b_cdtext_error = true; > cdtext_destroy (p_env->cdtext); > - free(p_env->cdtext); > p_env->cdtext = NULL; > } > > Hope this helps and thanks for your work on libcdio. > > Chris > >
