[rtmpdump] 64 bit crash fix (undefined union assignment)
gershon.bialer at gmail.com
Sat Oct 1 06:08:57 CEST 2011
I found this bug about a month ago, and posted a patch to this mailing
list. You could have saved your hour if you had read my post.
On Fri, Sep 30, 2011 at 12:52 PM, Kirill Zorin <cyril.zorin at gmail.com> wrote:
> Good news, everyone!
> According to ISO C, assigning (i.e. "a = b;") one union to another only has to copy the "active" member of the union, that is, the last-accessed one. This means that if we assign unions with different active members, the behaviour is undefined because the wrong bytes will be copied; indeed, it crashes on (some!) 64-bit builds for this reason. The attached patch fixes the problem, and as far as I can tell I've fixed it in all relevant locations in librtmp.
> It should be noted that it would be nice if we had some kind of discipline with respect to this in the future, considering that the addition of a union to any existing struct we assign will generate the same problem. This is made worse by the fact that this is the kind of stuff that you can't grep for and have to inspect manually, and that the side effects never manifest at the exact "wrong" location (i.e. the assignment itself), but instead further down the line as the program hopelessly tries to access pointers that were "half-copied", etc. To illustrate, this particular problem took about an hour to find; an hour I could have been wasting instead.
> rtmpdump mailing list
> rtmpdump at mplayerhq.hu
More information about the rtmpdump