Bug in pjmedia/wav_player.c

Sergei Rozinov
Wed, Aug 28, 2019 6:03 PM

Hello folks!
The bug discovered is in wav_player.c: when you invoke pjmedia_wav_player_port_get_pos() right after the player has been created (the position is 0), or when no loop is specified and the player has already reached EOF and stopped (the position is again 0), a division by zero occurs. Here is the patch proposed to address this small problem.

--- pjmedia/src/pjmedia/1/wav_player.c    2019-08-23 03:23:24.192815138 +0800+++ pjmedia/src/pjmedia/wav_player.c    2019-08-23 03:32:56.404331754 +0800
@@ -538,7 +538,10 @@
     fport = (struct file_reader_port*) port;
 
     payload_pos = (pj_size_t)(fport->fpos - fport->start_data);
-    if (payload_pos >= fport->bufsize)
+
+    if (payload_pos == 0)
+    return 0;
+    else if (payload_pos >= fport->bufsize)
     return payload_pos - fport->bufsize + (fport->readpos - fport->buf);
     else
     return (fport->readpos - fport->buf) % payload_pos;
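Review bot: the guard should carry a short comment saying why `payload_pos` can be 0 here (port just created, or stopped at EOF with no loop), since that reasoning currently lives only in the mailing-list message and the `% payload_pos` on the final line is the only place in this function where the value is used as a divisor. The added empty `+` line before `if (payload_pos == 0)` introduces a stray blank line in the middle of the computation and can be dropped.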

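To make the failure mode concrete, here is an added stand-alone model of the position arithmetic that the patch touches. This is example code written for this page, not pjsip's own source: the struct `file_reader_port_sim`, the backing buffer, and the helpers `make_port`, `unpatched_divides_by_zero` and `get_pos_fixed` are constructed stand-ins that keep only the fields the expression in the hunk reads. The three states exercised are the two Sergei describes (freshly created, no data consumed) and a short-file case where the modulo branch is actually taken with a non-zero divisor.

```c
/*
 * Added example (not pjsip code): models the position calculation in
 * pjmedia_wav_player_port_get_pos() with a constructed struct holding
 * only the fields the expression touches.
 */
#include <stddef.h>
#include <stdio.h>

struct file_reader_port_sim {
    char   *buf;        /* start of the read buffer */
    char   *readpos;    /* next byte handed to the caller, inside buf */
    size_t  bufsize;    /* capacity of buf in bytes */
    long    fpos;       /* file offset just past the last block read */
    long    start_data; /* file offset where the WAV data chunk begins */
};

/* Constructed backing buffer shared by the example states. */
static char g_buf[4096];

/* Build a port in a given state; read_off is readpos's offset into buf. */
struct file_reader_port_sim make_port(size_t bufsize, long start_data,
                                      long fpos, size_t read_off)
{
    struct file_reader_port_sim p;
    p.buf = g_buf;
    p.readpos = g_buf + read_off;
    p.bufsize = bufsize;
    p.fpos = fpos;
    p.start_data = start_data;
    return p;
}

/*
 * Returns 1 when the pre-patch expression would reach the modulo with a
 * zero divisor. The modulo sits on the else branch, so it is only
 * evaluated when payload_pos < bufsize; the trap needs payload_pos == 0.
 */
int unpatched_divides_by_zero(const struct file_reader_port_sim *fport)
{
    size_t payload_pos = (size_t)(fport->fpos - fport->start_data);
    return payload_pos < fport->bufsize && payload_pos == 0;
}

/* The patched computation, following the proposed diff. */
long get_pos_fixed(const struct file_reader_port_sim *fport)
{
    size_t payload_pos = (size_t)(fport->fpos - fport->start_data);
    size_t in_buf = (size_t)(fport->readpos - fport->buf);

    if (payload_pos == 0)
        return 0;                               /* nothing read yet, or stopped at EOF */
    else if (payload_pos >= fport->bufsize)
        return (long)(payload_pos - fport->bufsize + in_buf);
    else
        return (long)(in_buf % payload_pos);    /* file shorter than buffer: wrap */
}

int main(void)
{
    /* Constructed states: 44-byte header, 4000-byte read buffer. */
    struct file_reader_port_sim fresh = make_port(4000, 44, 44, 0);
    struct file_reader_port_sim mid   = make_port(4000, 44, 4044, 320);
    struct file_reader_port_sim small = make_port(4000, 44, 1044, 1320);

    printf("fresh: unpatched traps=%d fixed pos=%ld\n",
           unpatched_divides_by_zero(&fresh), get_pos_fixed(&fresh));
    printf("mid:   unpatched traps=%d fixed pos=%ld\n",
           unpatched_divides_by_zero(&mid), get_pos_fixed(&mid));
    printf("small: unpatched traps=%d fixed pos=%ld\n",
           unpatched_divides_by_zero(&small), get_pos_fixed(&small));
    return 0;
}
```

The `fresh` state is the one from the report: `fpos == start_data`, so `payload_pos` is 0 and the unpatched code would fall through to `% 0`. The `mid` state never reaches the modulo, and `small` shows the else branch working as intended once the divisor is non-zero.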
Nanang Izzuddin
Wed, Sep 4, 2019 9:59 AM

Hi Sergei,

Just checked in the patch to SVN trunk:
https://trac.pjsip.org/repos/changeset/6061.
Thank you for the patch.

BR,
nanang

On Thu, Aug 29, 2019 at 1:04 AM Sergei Rozinov via pjsip <pjsip@lists.pjsip.org> wrote:

Hello folks!

The bug discovered is in wav_player.c: when you invoke pjmedia_wav_player_port_get_pos()
right after the player has been created (the position is 0),
or when no loop is specified and the player has already reached EOF and stopped
(the position is again 0), a division by zero occurs.
Here is the patch proposed to address this small problem.

--- pjmedia/src/pjmedia/1/wav_player.c    2019-08-23 03:23:24.192815138
+0800
+++ pjmedia/src/pjmedia/wav_player.c    2019-08-23 03:32:56.404331754 +0800
@@ -538,7 +538,10 @@
fport = (struct file_reader_port*) port;

  payload_pos = (pj_size_t)(fport->fpos - fport->start_data);
  • if (payload_pos >= fport->bufsize)
  • if (payload_pos == 0)
  • return 0;
  • else if (payload_pos >= fport->bufsize)
    return payload_pos - fport->bufsize + (fport->readpos - fport->buf);
    else
    return (fport->readpos - fport->buf) % payload_pos;

Visit our blog: http://blog.pjsip.org

pjsip mailing list
pjsip@lists.pjsip.org
http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
