Opened 11 years ago
Closed 11 years ago
#9203 closed bug (fixed)
Integer overflow in mixer add-on crashes media_addon_server
| Reported by: | jua | Owned by: | axeld |
|---|---|---|---|
| Priority: | normal | Milestone: | R1 |
| Component: | Kits/Media Kit | Version: | R1/alpha4.1 |
| Keywords: | mixer.media_addon media_addon_server | Cc: | |
| Blocked By: | Blocking: | ||
| Platform: | All |
Description
When using an audio device with high sample rate and a BSoundPlayer with a large buffer, an integer overflow in MixerInput::BufferReceived() in the mixer.media_addon crashes the media_addon_server.
The overflow happens due to wrong casting, I'm attaching a patch which fixes it.
If you look at the line changed by the patch: when fMixBufferFrameRate is 192000 (hda chooses 192kHz as default sample rate for my onboard sound) and in_frames is 16384 (i.e. quite large buffer), the result of the multiplication is 3145728000 which is too large for int32 -- and the cast to double happens only after the multiply. The patch changes it so the cast happens before.
Attachments (1)
Change History (4)
by , 11 years ago
| Attachment: | Fix-MixerInput-overflow.patch added |
|---|
comment:1 by , 11 years ago
| patch: | 0 → 1 |
|---|
Note:
See TracTickets
for help on using tickets.
Fix integer overflow in MixerInput