Closed Bug 550184 Opened 10 years ago Closed 10 years ago

vorbis_analysis_headerout calls oggpack_writeclear with uninitialized ogb if !v->backend_state

Categories

(Core :: Audio/Video, defect, major)

x86
All
defect
Not set
major

Tracking

()

RESOLVED FIXED
Tracking Status
status1.9.2 --- .2-fixed
status1.9.1 --- .9-fixed

People

(Reporter: timeless, Assigned: cajbir)

References

(Blocks 1 open bug, )

Details

(Keywords: coverity)

Attachments

(1 file)

567  	int vorbis_analysis_headerout(vorbis_dsp_state *v,
568  	                              vorbis_comment *vc,
569  	                              ogg_packet *op,
570  	                              ogg_packet *op_comm,
571  	                              ogg_packet *op_code){

574  	  oggpack_buffer opb;
575  	  private_state *b=v->backend_state;

577  	  if(!b){
578  	    ret=OV_EFAULT;
579  	    goto err_out;

630  	 err_out:
631  	  oggpack_writeclear(&opb);
Raised as trac ticket #1656 in the Xiph bug system:

https://trac.xiph.org/ticket/1656
Patch suggested by Tim Terryberry:

http://pastebin.com/SzAsqYaM
Assignee: nobody → chris.double
Attached patch FixSplinter Review
Patch attached based on Tim's patch (Apologies for spelling Tim's last name wrong in the previous comment).
Attachment #430413 - Flags: review?(chris)
Attachment #430413 - Flags: review?(chris) → review+
Keywords: checkin-needed
http://hg.mozilla.org/mozilla-central/rev/d63280421a8d

We should get this on branch eh?
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Attachment #430413 - Flags: approval1.9.2.2?
Attachment #430413 - Flags: approval1.9.1.9?
Comment on attachment 430413 [details] [diff] [review]
Fix

a=beltzner for 1.9.2.2 and 1.9.1.9
Attachment #430413 - Flags: approval1.9.2.2?
Attachment #430413 - Flags: approval1.9.2.2+
Attachment #430413 - Flags: approval1.9.1.9?
Attachment #430413 - Flags: approval1.9.1.9+
Whiteboard: [needs 191 landing][needs 192 landing]
Thanks timeless!
Whiteboard: [needs 191 landing][needs 192 landing]
Is there a way to test this?
Not that I'm aware of.
You need to log in before you can comment on or make changes to this bug.