Date: Thu, 29 Jun 2017 22:49:22 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 220374] audio/id3lib: stack corruption and stack overflow abort (3.8.3) Message-ID: <bug-220374-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220374 Bug ID: 220374 Summary: audio/id3lib: stack corruption and stack overflow abort (3.8.3) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: bob@eager.cx CC: kaeru@inigo-tech.com Flags: maintainer-feedback?(kaeru@inigo-tech.com) CC: kaeru@inigo-tech.com Created attachment 183926 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D183926&action= =3Dedit Patch as described in PR This bug is due to a mis-sized array, and is visible when running easytag, although I suspect that it's intermittent. Cause: a mis-sized array in mp3_parse.cpp at line 472. It should be 120, not 116 (see #define at line 468). The amount read into this array is set at li= ne 497 onwards, and is dynamic; however, the maximum is 120, not 116! This probably causes an intermittent stack corruption. This is an upstream bug that was said to have been fixed years ago, but the distfile on SourceForge (used by the port) does not include the fix. Patch for the port attached (put in files/). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-220374-13>