Long time ago fixed.
madplay (0.15.2b-8) unstable; urgency=high
.
* Fix buffer overflow in the alsa output code (Closes: #619341)
Thanks to Ben Winslow
* Only build with alsa on linux (Closes: #625649)
** Changed in: madplay (Ubuntu)
Status: Confirmed => Fix Released
--
You
** Changed in: madplay (Debian)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/903526
Title:
madplay crashed with SIGSEGV in _int_free()
To manage notifications ab
Well, nuts, perhaps I should have actually *listened* to the program
running with my patch rather than doing all the work remotely :-]
Revised patch is attached. Not only does this get rid of the
static/stuttering caused by the first one, this one can now handle any
of the different sample sizes/f
The attachment "madplay.patch" of this bug report has been identified as
being a patch. The ubuntu-reviewers team has been subscribed to the bug
report so that they can review the patch. In the event that this is in
fact not a patch you can resolve this situation by removing the tag
'patch' from
** Changed in: madplay (Debian)
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/903526
Title:
madplay crashed with SIGSEGV in _int_free()
To manage notifications about t
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: madplay (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/903526
Title:
mad
** Bug watch added: Debian Bug tracker #619341
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619341
** Also affects: madplay (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619341
Importance: Unknown
Status: Unknown
--
You received this bug notification because y
I've dug into this with a debugger and Valgrind, and found the problem.
It's a buffer overrun.
In audio_alsa.c, the play() function calls audio_pcm() with a "len"
argument of 1152. At 8 bytes per sample, this would fill up a buffer of
9216 bytes. But the buffer "buf" (a static variable in this sam
