Opened 18 years ago
Closed 18 years ago
#289 closed defect (fixed)
Bug in WAV player when frame size is larger than file buffer size (thanks Samuel Vinson)
Reported by: | bennylp | Owned by: | bennylp |
---|---|---|---|
Priority: | normal | Milestone: | release-0.6.0 |
Component: | pjmedia | Version: | 0.5.10.4 |
Keywords: | Cc: | ||
Backport to 1.x milestone: | Backported: |
Description
Samuel Vinson wrote in http://pjsip.org/pipermail/pjsip/2007-May/003286.html:
During nintendo ds porting, I use playfile program (without modification), and I obtain an error when callback play_cb is called. Functions stack : ... play_cb(strm->user_data, strm->timestamp, readbuffer, size=8192) pjmedia_port_get_frame file_get_frame In file_get_frame function fport->read_pos = 0x2075764 fport->buf = 0x2075764 fport->bufsize = 4000 and frame_size = 8192 So we are in the else case first pj_memcpy copies 4000 bytes fill_buffer (I thing 4000 bytes) second pj_memcpy copies 4192 bytes (!!!! BUG !!!) If you call second times play_cb with the same parameters, the problem is earlier : fport->read_pos = 0x20767c4 (fport->buf + 4192) fport->buf = 0x2075764 fport->bufsize = 4000 and frame_size = 4096 So we are in the else case first pj_memcpy tries to copy -192 bytes (0xffffff40) (!!! BUG !!!) I will modify my sizes of buffer to be in lower part of the 4000 bytes but this is a temporary solution. Do you have another solution to correct this problems ? Greetings Samuel
Change History (1)
comment:1 Changed 18 years ago by bennylp
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
Workaround in r1322 (added assert to prevent application from specifying ptime larger than the buffer size)