[Debburn-devel] icedax cddb crash, patch
Joshua Reuben Roys
roysjosh at msu.edu
Mon Aug 13 16:13:13 UTC 2007
Hello,
icedax was crashing when ripping a CD when it tried to parse the received
titles from CDDB..
Type: ROM, Vendor 'SONY ' Model 'CD-RW CRX216E ' Revision 'PD03'
MMC+CDDA
569344 bytes buffer memory requested, 4 buffers, 55 sectors
#icedax version 1.1.6, real time sched., soundcard, libparanoia support
*** glibc detected *** malloc(): memory corruption: 0x08094c40 ***
valgrind:
==9349== Memcheck, a memory error detector.
==9349== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==9349== Using LibVEX rev 1774, a library for dynamic binary translation.
==9349== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==9349== Using valgrind-3.3.0.SVN, a dynamic binary instrumentation
framework.
==9349== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==9349==
--9349-- Command line
--9349-- /usr/local/bin/icedax
--9349-- dev=/dev/cdrom
--9349-- -vall
--9349-- cddb=0
--9349-- -B
--9349-- -Owav
--9349-- Startup, with flags:
--9349-- -v
--9349-- --leak-check=no
--9349-- --error-limit=no
--9349-- Contents of /proc/version:
--9349-- Linux version 2.6.11.4-21.17-default (geeko at buildhost) (gcc
version 3.3.5 20050117 (prerelease) (SUSE Linux)) #1 Fri Apr 6 08:42:34 UTC
2007
...
#icedax version 1.1.6, real time sched., soundcard, libparanoia support
...
==9349== Invalid write of size 1
==9349== at 0x401E2FB: strcat (mc_replace_strmem.c:186)
==9349== by 0x80601D0: process_cddb_titles (toc.c:941)
==9349== by 0x80616A7: request_titles (toc.c:1458)
==9349== by 0x805F449: FixupTOC (toc.c:507)
==9349== by 0x80536B3: main (icedax.c:2610)
==9349== Address 0x424d954 is 0 bytes after a block of size 28 alloc'd
==9349== at 0x401DCBA: realloc (vg_replace_malloc.c:420)
==9349== by 0x80601AC: process_cddb_titles (toc.c:938)
==9349== by 0x80616A7: request_titles (toc.c:1458)
==9349== by 0x805F449: FixupTOC (toc.c:507)
==9349== by 0x80536B3: main (icedax.c:2610)
It didn't make it much farther than this.
(gdb) run dev=/dev/cdrom -vall cddb=0 -B -Owav
Starting program: /usr/local/bin/icedax dev=/dev/cdrom -vall cddb=0 -B -Owav
Type: ROM, Vendor 'SONY ' Model 'CD-RW CRX216E ' Revision 'PD03'
MMC+CDDA
569344 bytes buffer memory requested, 4 buffers, 55 sectors
#icedax version 1.1.6, real time sched., soundcard, libparanoia support
*** glibc detected *** malloc(): memory corruption: 0x08094c40 ***
Program received signal SIGABRT, Aborted.
0xffffe410 in ?? ()
(gdb) bt
#0 0xffffe410 in ?? ()
#1 0xbfffd810 in ?? ()
#2 0x00000006 in ?? ()
#3 0x00002496 in ?? ()
#4 0x4005c2c1 in raise () from /lib/tls/libc.so.6
#5 0x4005db75 in abort () from /lib/tls/libc.so.6
#6 0x400907aa in __libc_message () from /lib/tls/libc.so.6
#7 0x40096007 in malloc_printerr () from /lib/tls/libc.so.6
#8 0x40097d18 in _int_malloc () from /lib/tls/libc.so.6
#9 0x400995b4 in malloc () from /lib/tls/libc.so.6
#10 0x080602db in process_cddb_titles (sock_fd=7, inbuff=0xbfffe3e0 "210
classical 760ff209 CD database entry follows (until terminating `.')",
readbytes=473)
at /root/sources/cdrkit-1.1.6/icedax/toc.c:969
#11 0x080616a8 in request_titles () at
/root/sources/cdrkit-1.1.6/icedax/toc.c:1458
#12 0x0805f44a in FixupTOC (no_tracks=10) at
/root/sources/cdrkit-1.1.6/icedax/toc.c:507
#13 0x080536b4 in main (argc=6, argv=0xbfffee34) at
/root/sources/cdrkit-1.1.6/icedax/icedax.c:2610
(gdb)
The attached patch let me successfully rip the CD.
Please CC me, I'm not on the list.
Thanks,
Joshua
-------------- next part --------------
A non-text attachment was scrubbed...
Name: icedax.patch
Type: text/x-patch
Size: 455 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/debburn-devel/attachments/20070813/46da1920/attachment.bin
More information about the Debburn-devel
mailing list