A potential bug of NPD #863
Comments
|
Yes, it is technically a bug. However, most of the time, unless you are setting RLIMIT_AS to be very low, |
|
There are probably many instances where we don't check for null malloc return values. Yes, we can fix this, but I fear that there will still be other areas in libsndfile or its libraries that don't check for malloc returning null. Pick your poison, a null pointer dereference caused seg-fault, or an OOM killer triggered death. |
According to the results of our analysis tool (although we set a timeout for analysis and some heuristic pruning work), this is the only NPD that exists explicitly between libsndfile and other library due to absence of malloc-fail check |
|
We can get a MR up to fix this soon... (it's a long weekend for me :) ). |
|
Thanks for the report. Closing as fixed. |
Hi, I found a potential null pointer dereference bug in the project source code of libsndfile, and I have shown the execution sequence of the program that may generate the bug on the graph below. The red text illustrates the steps that generate the bug, the red arrows represent the call relationships,the file path can be seen in the blue framed section.
Although the code shown is for version 1.0.28 and no longer exist in current version ,bug the same usage of function ogg_sunc_buffer,which is shown below, is still exist in the current version
libsndfile/src/ogg.c
Lines 299 to 300 in 718e305
would you can help to check if this bug is true?thank you for your effort and patience!
The text was updated successfully, but these errors were encountered: