Bug 1185558 - oggenc crashes when encoding pcm from stdin
Summary: oggenc crashes when encoding pcm from stdin
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: vorbis-tools
Version: 21
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Kamil Dudka
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 836320 (view as bug list)
Depends On:
Blocks: CVE-2014-9640 1569426
TreeView+ depends on / blocked
 
Reported: 2015-01-24 17:26 UTC by Thomas Köller
Modified: 2018-04-19 09:23 UTC (History)
3 users (show)

Fixed In Version: vorbis-tools-1.4.0-13.fc20
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1569426 (view as bug list)
Environment:
Last Closed: 2015-01-30 04:35:32 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Thomas Köller 2015-01-24 17:26:15 UTC
Description of problem:

When encoding raw pcm data from a pipe, oggenc crashes when it reaches the end of the input data.

Version-Release number of selected component (if applicable):

vorbis-tools-1.4.0-17.fc21.x86_64

How reproducible:

always

Steps to Reproduce:

dd if=/dev/zero bs=1024 count=100000 status=none | oggenc -r -o test.ogg -

Actual results:

[thomas@sarkovy ~]$ dd if=/dev/zero bs=1024 count=100000 status=none | oggenc -r -o test.ogg -
Encoding standard input to 
         "test.ogg" 
at quality 3.00
	Encoding [ 0m06s so far] \ 

Done encoding file "test.ogg"

	File length:  9m 40.0s
	Elapsed time: 0m 06.6s
	Rate:         88.4670
	Average bitrate: 0.7 kb/s

Segmentation fault (core dumped)

Expected results:

Should not segfault obviously

Additional info:

The above test command is only meant to demonstrate the problem. In reality, the data to encode is produced by cdparanoia reading a CD track.

Comment 1 Kamil Dudka 2015-01-26 11:41:36 UTC
*** Bug 836320 has been marked as a duplicate of this bug. ***

Comment 2 Kamil Dudka 2015-01-26 11:44:35 UTC
Thank you for reporting the bug!  The following patch will fix it:

From: Kamil Dudka <kdudka>
Date: Mon, 26 Jan 2015 12:33:19 +0100
Subject: [PATCH] oggenc: do not use stack variable out of its scope of validity

---
 oggenc/oggenc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/oggenc/oggenc.c b/oggenc/oggenc.c
index ea105b2..759a3ee 100644
--- a/oggenc/oggenc.c
+++ b/oggenc/oggenc.c
@@ -239,7 +239,7 @@ int main(int argc, char **argv)

         if(opt.rawmode)
         {
-            input_format raw_format = {NULL, 0, raw_open, wav_close, "raw",
+            static input_format raw_format = {NULL, 0, raw_open, wav_close, "raw",
                 N_("RAW file reader")};

             enc_opts.rate=opt.raw_samplerate;

Comment 3 Kamil Dudka 2015-01-26 11:48:54 UTC
patch sent upstream:

http://lists.xiph.org/pipermail/vorbis-dev/2015-January/020422.html

Comment 4 Kamil Dudka 2015-01-26 11:54:59 UTC
fixed in vorbis-tools-1.4.0-18.fc22

Comment 5 Fedora Update System 2015-01-26 12:56:22 UTC
vorbis-tools-1.4.0-18.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/vorbis-tools-1.4.0-18.fc21

Comment 6 Fedora Update System 2015-01-26 12:56:30 UTC
vorbis-tools-1.4.0-13.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/vorbis-tools-1.4.0-13.fc20

Comment 7 Fedora Update System 2015-01-27 02:56:40 UTC
Package vorbis-tools-1.4.0-13.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing vorbis-tools-1.4.0-13.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2015-1191/vorbis-tools-1.4.0-13.fc20
then log in and leave karma (feedback).

Comment 8 Fedora Update System 2015-01-30 04:35:32 UTC
vorbis-tools-1.4.0-18.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2015-02-04 08:01:49 UTC
vorbis-tools-1.4.0-13.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.