[MPlayer-dev-eng] Re: [patch] "-playlist radios.asx" crash mplayer

Rémi Guyomarch rguyom at pobox.com
Tue Apr 23 00:03:13 CEST 2002


On Mon, Apr 22, 2002 at 11:37:08PM +0200, Alban Bedel wrote:
> Hi Rémi Guyomarch,
> 
> on Mon, 22 Apr 2002 23:05:28 +0200 you wrote:
> 
> > The included .asx file will crash mplayer cvs-current.
> > The problem seems to be the detection of EOF. This file ends with an
> > empty line and the parser/loader doesn't seem to like it.
> 
> Works just fine here. It's my file and I tested it before last commit.
> 
> > MPlayer crashes in strncpy() called from line 89 of playtreeparser.c
> > because line_end - p->iter == 0.

Hmmm, in fact line_end - p->iter == -1, see below.

> > I'm including a patch which seems to fix the crash but it can be total
> > junk, since I can't grok a single line of this damn
> > play_tree_parser_get_line() function ! ;)
> 
> This function mustn't return NULL before the end of the file. With this patch
> parsing will end at the first empty line. Anyway I'd like to have a bug report
> for this as I can't reproduce it, even if I put many empty lines all over the file.

OK, here it is:

rguyom at diabolic-cow ~/src/mplayer # rm playtreeparser.c mplayer.core
rguyom at diabolic-cow ~/src/mplayer # cvs -q update -dP
? fixmp
? myconfigure
? TOOLS/cpuinfo
M Makefile
M configure
P mplayer.c
U playtreeparser.c
M DOCS/encoding.html
M DOCS/mencoder.1
P Gui/interface.c
P Gui/interface.h
U libavcodec/README
M libmpcodecs/ve_lavc.c
cvs server: libavcodec/README is no longer in the repository
M libavcodec/avcodec.h
M libavcodec/mpegvideo.c
rguyom at diabolic-cow ~/src/mplayer # gmake distclean
(cleaning...)
rguyom at diabolic-cow ~/src/mplayer # gmake
(gazillons of lines...)
rguyom at diabolic-cow ~/src/mplayer # gdb mplayer
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
(gdb) set args -v -playlist ~/radios.asx
(gdb) run
Starting program: /usr/home/rguyom/src/mplayer/mplayer -v -playlist ~/radios.asx


MPlayer CVS-020422-23:49-2.95.3 (C) 2000-2002 Arpad Gereoffy (see DOCS!)

CPU vendor name: AuthenticAMD  max cpuid level: 1
CPU: Advanced Micro Devices K6-2 (Type: 5, Stepping: 12)
extended cpuid-level: 5
CPUflags: Type: 5 MMX: 1 MMX2: 0 3DNow: 1 3DNow2: 0 SSE: 0 SSE2: 0
Compiled for x86 CPU with features: MMX 3DNow
/home/rguyom/.mplayer/config(2): option: vo
/home/rguyom/.mplayer/config(2): parameter: xv
/home/rguyom/.mplayer/config(3): option: fs
/home/rguyom/.mplayer/config(3): parameter: 1
/home/rguyom/.mplayer/config(4): option: quiet
/home/rguyom/.mplayer/config(4): parameter: 1
/home/rguyom/.mplayer/config(5): option: framedrop
/home/rguyom/.mplayer/config(5): parameter: 1
/home/rguyom/.mplayer/config(6): option: osdlevel
/home/rguyom/.mplayer/config(6): parameter: 0
/home/rguyom/.mplayer/config(8): option: dvd-device
/home/rguyom/.mplayer/config(8): parameter: /dev/acd1c
/home/rguyom/.mplayer/config(9): option: fsmode
/home/rguyom/.mplayer/config(9): parameter: 1

Program received signal SIGSEGV, Segmentation fault.
0x282da1dc in strncpy () from /usr/lib/libc_r.so.4
(gdb) bt
#0  0x282da1dc in strncpy () from /usr/lib/libc_r.so.4
#1  0x806da19 in play_tree_parser_get_line (p=0x83d00e0) at playtreeparser.c:89
#2  0x806dc74 in parse_asx (p=0x83d00e0) at playtreeparser.c:180
#3  0x806e3ea in play_tree_parser_get_play_tree (p=0x83d00e0) at playtreeparser.c:432
#4  0x806e1fe in parse_playtree (stream=0x83e4000) at playtreeparser.c:358
#5  0x806e2a2 in parse_playlist_file (file=0xbfbff75a "/home/rguyom/radios.asx")
    at playtreeparser.c:383
#6  0x8068aa7 in config_is_entry_option (config=0x83e2080, opt=0xbfbff751 "playlist", 
    param=0xbfbff75a "/home/rguyom/radios.asx") at cfgparser.c:317
#7  0x806901c in config_read_option (config=0x83e2080, conf_list=0x83d00c0, 
    opt=0xbfbff751 "playlist", param=0xbfbff75a "/home/rguyom/radios.asx") at cfgparser.c:472
#8  0x8069ce0 in m_config_set_option (config=0x83e2080, opt=0xbfbff751 "playlist", 
    param=0xbfbff75a "/home/rguyom/radios.asx") at cfgparser.c:794
#9  0x806a618 in m_config_parse_command_line (config=0x83e2080, argc=4, argv=0xbfbff60c, 
    envp=0xbfbff620) at cfgparser.c:1078
#10 0x806242c in main (argc=4, argv=0xbfbff60c, envp=0xbfbff620) at mplayer.c:569
#11 0x8061abd in _start ()
(gdb) frame 1
#1  0x806da19 in play_tree_parser_get_line (p=0x83d00e0) at playtreeparser.c:89
89        strncpy(p->line,p->iter,line_end - p->iter);
(gdb) list
84      
85        line_end = ((*(end-1)) == '\r') ? end-1 : end;
86        p->line = (char*)realloc(p->line,line_end - p->iter+1);
87        if(!p->line)
88          return NULL;
89        strncpy(p->line,p->iter,line_end - p->iter);
90        p->line[line_end - p->iter] = '\0';
91        if(end != '\0')
92          end++;
93      
(gdb) print line_end
$1 = 0x83e681b ""
(gdb) print *p
$2 = {stream = 0x83e4000, buffer = 0x83e6000 "", iter = 0x83e681c "", line = 0x83e3060 "", 
  buffer_size = 3072, buffer_end = 2075, deep = 0, keep = 1}
(gdb) print line_end - p->iter
$3 = -1
(gdb) q
The program is running.  Exit anyway? (y or n) y


-- 
Rémi
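
Added example, not part of the message above and not MPlayer's code: the gdb session shows `line_end - p->iter` evaluating to -1, which `strncpy()` receives as a huge `size_t` count. The sketch below is one way to write a line reader whose length can never go negative and which still returns empty lines instead of stopping at them; `next_line` and `count_lines` are hypothetical names, and it assumes an offset-based iterator over a buffer of known length.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not MPlayer's function: return a malloc'd copy of the
 * line starting at offset *pos in buf[0..len), or NULL when no data is left. */
char *next_line(const char *buf, size_t len, size_t *pos)
{
    const char *start, *end, *line_end, *limit = buf + len;
    char *line;
    size_t n;

    if (*pos >= len)            /* iterator at or past the end: stop here */
        return NULL;
    start = buf + *pos;
    end = memchr(start, '\n', len - *pos);
    if (!end)
        end = limit;            /* final line without a newline */
    /* Strip '\r' only when it is part of this line. Testing end[-1] on an
     * empty line looks before the line and makes the length negative. */
    line_end = (end > start && end[-1] == '\r') ? end - 1 : end;
    n = (size_t)(line_end - start);   /* safe: line_end >= start */
    line = malloc(n + 1);
    if (!line)
        return NULL;
    memcpy(line, start, n);
    line[n] = '\0';
    /* Step over the newline only if one was found, so *pos never passes len. */
    *pos = (end < limit) ? (size_t)(end - buf) + 1 : len;
    return line;
}

/* Count the lines in a buffer; each empty line is returned as "" and counted. */
int count_lines(const char *buf, size_t len)
{
    size_t pos = 0;
    int count = 0;
    char *line;

    for (; (line = next_line(buf, len, &pos)) != NULL; count++)
        free(line);
    return count;
}

int main(void)
{
    /* Constructed sample: CRLF lines, an empty line, a trailing empty line. */
    static const char sample[] = "<asx>\r\n\r\n</asx>\r\n\n";
    printf("%d lines\n", count_lines(sample, sizeof sample - 1));
    return 0;
}
```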