a div zero vul in function wav_w64_read_fmt_chunk() in libsndfile 1.0.25-4ubuntu0.1 source package in Ubuntu #341
Labels
wontfix
This will not be worked on
Comments
|
Version 1.0.25 is ancient. Does this problem occur with the latest release 1.0.28 or git HEAD? If it does, please provide the file that causes this crash. |
|
It seems that you have fixed this issue in the latest release. |
|
Thanks. Closing this. |
|
Does any one could tell me that which commit-id fixes this issue ? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
root@yhk-RH2485-V2:
/ljl/aubio/examples# gdb ./aubiomfcc14.04.3) 7.7.1GNU gdb (Ubuntu 7.7.1-0ubuntu5
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/.
Find the GDB manual and other documentation resources online at:
http://www.gnu.org/software/gdb/documentation/.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./aubiomfcc...done.
(gdb) r -i hfl-crash-1-{rva_0x1ED01}{code_0x8}{libsndfile.so.1}
Starting program: /root/ljl/aubio/examples/aubiomfcc -i hfl-crash-1-{rva_0x1ED01}{code_0x8}{libsndfile.so.1}
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Program received signal SIGFPE, Arithmetic exception.
0x00007ffff788aaab in wav_w64_read_fmt_chunk (psf=psf@entry=0x6140f0,
fmtsize=50) at wav_w64.c:242
242 bytespersec = (wav_fmt->min.samplerate * wav_fmt->min.blockalign) / wav_fmt->msadpcm.samplesperblock ;
(gdb) bt
#0 0x00007ffff788aaab in wav_w64_read_fmt_chunk (psf=psf@entry=0x6140f0,
fmtsize=50) at wav_w64.c:242
#1 0x00007ffff788ca40 in wav_read_header (
framesperblock=, blockalign=,
psf=0x6140f0) at wav.c:383
#2 wav_open (psf=psf@entry=0x6140f0) at wav.c:190
#3 0x00007ffff78773f4 in psf_open_file (psf=0x6140f0,
sfinfo=sfinfo@entry=0x7fffffffe2d0) at sndfile.c:2725
#4 0x00007ffff78775e0 in sf_open (
path=path@entry=0x6140b0 "hfl-crash-1-{rva_0x1ED01}{code_0x8}{libsndfile.so.1}", mode=mode@entry=16, sfinfo=sfinfo@entry=0x7fffffffe2d0) at sndfile.c:332
#5 0x00000000004051dc in new_aubio_source_sndfile (
path=path@entry=0x7fffffffe729 "hfl-crash-1-{rva_0x1ED01}{code_0x8}{libsndfile.so.1}", samplerate=samplerate@entry=0, hop_size=hop_size@entry=256)
at ../src/io/source_sndfile.c:95
#6 0x0000000000404a93 in new_aubio_source (
uri=0x7fffffffe729 "hfl-crash-1-{rva_0x1ED01}{code_0x8}{libsndfile.so.1}", samplerate=0, hop_size=256) at ../src/io/source.c:90
#7 0x0000000000402574 in examples_common_init ()
#8 0x00000000004023af in main ()
(gdb) x/4i $pc
=> 0x7ffff788aaab <wav_w64_read_fmt_chunk+1851>: div %r9d
0x7ffff788aaae <wav_w64_read_fmt_chunk+1854>: cmp %edi,%eax
0x7ffff788aab0 <wav_w64_read_fmt_chunk+1856>: mov %eax,%ecx
0x7ffff788aab2 <wav_w64_read_fmt_chunk+1858>:
je 0x7ffff788b151 <wav_w64_read_fmt_chunk+3553>
(gdb) i r
rax 0x1f4000 2048000
rbx 0x6140f0 6373616
rcx 0x4 4
rdx 0x0 0
rsi 0x1f40 8000
rdi 0x1000 4096
rbp 0x32 0x32
rsp 0x7fffffffe0f0 0x7fffffffe0f0
r8 0x100 256
r9 0x0 0
r10 0x1 1
r11 0x246 582
r12 0x622830 6432816
r13 0x622678 6432376
r14 0x16 22
r15 0x0 0
rip 0x7ffff788aaab 0x7ffff788aaab <wav_w64_read_fmt_chunk+1851>
eflags 0x10206 [ PF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
---Type to continue, or q to quit---
The text was updated successfully, but these errors were encountered: