969259 – Crash with MALLOC_CHECK_ in metaflac when adding seekpoints

Bug 969259 - Crash with MALLOC_CHECK_ in metaflac when adding seekpoints

Summary: Crash with MALLOC_CHECK_ in metaflac when adding seekpoints

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	flac
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Miroslav Lichvar
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-05-31 04:05 UTC by Ben Boeckel
Modified:	2013-06-08 03:32 UTC (History)
CC List:	1 user (show)
Fixed In Version:	flac-1.3.0-2.fc19
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-06-08 03:32:20 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ben Boeckel 2013-05-31 04:05:56 UTC

Description of problem:
The following command segfaults with a glibc memory fault backtrace with MALLOC_CHECK_=3, aborts with =2, and just prints out an invalid pointer to free() at =1. Everything is fine at =0.

metaflac --preserve-modtime --add-seekpoint=1s "path/to/flac/file"

Files which I can confirm this occurs with are available (CC-BY-NC 3.0) from:

http://illegal-art.net/girltalk/shop

I used the split flacs from the "All Day" album, but I suspect this with any flac file.

Backtrace from a coredump (-debuginfo isn't fitting through my tiny pipe here)

#0  0x00007fd89af50ad9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007fd89af521e8 in __GI_abort () at abort.c:90
#2  0x00007fd89af90e07 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7fd89b098d48 "*** Error in `%s': %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:196
#3  0x00007fd89af9a876 in malloc_printerr (ptr=<optimized out>, str=0x7fd89b096431 "free(): invalid pointer", action=3) at malloc.c:4916
#4  free_check (mem=<optimized out>, caller=<optimized out>) at hooks.c:279
#5  0x000000000040a1d6 in free_options ()
#6  0x00000000004035ef in main ()

Version-Release number of selected component (if applicable):
flac-1.3.0-1.fc20.x86_64

How reproducible:
Always

Comment 1 Miroslav Lichvar 2013-06-03 11:43:20 UTC

Thanks for the report, it looks like a serious bug. It should be fixed in flac-1.3.0-2.fc19.

Comment 2 Fedora Update System 2013-06-03 11:55:25 UTC

flac-1.3.0-2.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/flac-1.3.0-2.fc19

Comment 3 Fedora Update System 2013-06-03 14:41:56 UTC

Package flac-1.3.0-2.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing flac-1.3.0-2.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-9909/flac-1.3.0-2.fc19
then log in and leave karma (feedback).

Comment 4 Fedora Update System 2013-06-08 03:32:20 UTC

flac-1.3.0-2.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.