- Status Closed
- Percent Complete
- Task Type Bugs
- Category Codecs
- Assigned To No-one
- Operating System All players
- Severity High
- Priority Very Low
- Reported Version Release 3.9
- Due in Version Undecided
-
Due Date
Undecided
- Votes
- Private
FS#12245 - Memory corruption in libfaad
Hi,
libfaad currently has a memory corruption issue here:
[apps/codecs/libfaad/syntax.c:2206]: (error) Buffer access out-of-bounds: drc.exclude_mask
To save some RAM, the define MAX_CHANNLES was turned down
from 64 to 2. The code has some minimum assumptions about the size
of exclude_mask and additional_excluded_chns.
Dunno what the correct fix is, for now I would turn back MAX_CHANNELS to 64
to prevent a crash.
Cheers,
Thomas
Closed by Buschel
2011-08-26 12:38
Reason for closing: Fixed
Additional comments about closing: Warning: Undefined array key "typography" in /home/rockbox/flyspray/plugins/dokuwiki/inc/parserutils.php on line 371 Warning: Undefined array key "camelcase" in /home/rockbox/flyspray/plugins/dokuwiki/inc/parserutils.php on line 407
2011-08-26 12:38
Reason for closing: Fixed
Additional comments about closing: Warning: Undefined array key "typography" in /home/rockbox/flyspray/plugins/dokuwiki/inc/parserutils.php on line 371 Warning: Undefined array key "camelcase" in /home/rockbox/flyspray/plugins/dokuwiki/inc/parserutils.php on line 407
Fix submitted with r30356.
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task
Do you experience this crash, or is this the result of a static code analysis? I am not sure whether the problematic code section in the DRC-handling is called, if the file has more than MAX_CHANNELS channels. If you have any file that results in such crash, please provide it for further detailed analysis.
Edit: A simple workaround would be to allow the related arrays to have a size of 64 – like the attached patch does. We should not rollback the MAX_CHANNEL change as it allows to move data arrays into IRAM and speed up the decoder a lot.
Result of static code analysis. Your fix looks sane, didn't come up with that yesterday (and wouldn't even today ;))