From owner-freebsd-ports-bugs@freebsd.org Thu Jun 29 22:49:23 2017 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 83F6DDA742A for ; Thu, 29 Jun 2017 22:49:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 714B376AD2 for ; Thu, 29 Jun 2017 22:49:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v5TMnM8o025349 for ; Thu, 29 Jun 2017 22:49:23 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 220374] audio/id3lib: stack corruption and stack overflow abort (3.8.3) Date: Thu, 29 Jun 2017 22:49:22 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: bob@eager.cx X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter cc flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jun 2017 22:49:23 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220374 Bug ID: 220374 Summary: audio/id3lib: stack corruption and stack overflow abort (3.8.3) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: bob@eager.cx CC: kaeru@inigo-tech.com Flags: maintainer-feedback?(kaeru@inigo-tech.com) CC: kaeru@inigo-tech.com Created attachment 183926 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D183926&action= =3Dedit Patch as described in PR This bug is due to a mis-sized array, and is visible when running easytag, although I suspect that it's intermittent. Cause: a mis-sized array in mp3_parse.cpp at line 472. It should be 120, not 116 (see #define at line 468). The amount read into this array is set at li= ne 497 onwards, and is dynamic; however, the maximum is 120, not 116! This probably causes an intermittent stack corruption. This is an upstream bug that was said to have been fixed years ago, but the distfile on SourceForge (used by the port) does not include the fix. Patch for the port attached (put in files/). --=20 You are receiving this mail because: You are the assignee for the bug.=