Opened 7 years ago
Closed 7 years ago
#2116 closed defect (fixed)
iLBC using memcpy instead of memmove for overlapping mem
Reported by: | riza | Owned by: | bennylp |
---|---|---|---|
Priority: | normal | Milestone: | release-2.8 |
Component: | third-party | Version: | trunk |
Keywords: | Cc: | ||
Backport to 1.x milestone: | Backported: | no |
Description
When testing pjsip on Raspberry Pi, it is reported that some weird sound issue happen if call lasted longer than ~30s.
When checked with address sanitizer tools, the output is like this:
==3210==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x6f5fd020,0x6f5fd1cc) and [0x6f5fd0c0, 0x6f5fd26c) overlap #0 0x59e37 in __interceptor_memcpy.part.36 (/home/pi/projects/sip/pjsip/simple_pjsua/simple_pjsua+0x59e37) #1 0x4dc79f in iLBC_encode ../../ilbc/iLBC_encode.c:311 #2 0x2c7693 in ilbc_codec_encode ../src/pjmedia-codec/ilbc.c:754 #3 0x3316f7 in pjmedia_codec_encode ../include/pjmedia/codec.h:1069
The issue is that iLBC sometimes uses memcpy() even when the source and the target storage overlap. This causes undefined behaviour and memmove() should be used in such cases (instead of memcpy()).
Similar issue was reported at https://issues.asterisk.org/jira/browse/ASTERISK-20231.
Thanks to Christian Hoff for the report and patch.
Change History (1)
comment:1 Changed 7 years ago by riza
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
In 5798: