Some discs can cause multimedia/libdvdnav 4.2.0 to segfault in dvdnav_describe_title_chapters(): (gdb) where #0 0x0000000802a17956 in dvdnav_describe_title_chapters (this=0x80d90be00, title=35, times=0x7fffff7f9a90, duration=0x7fffff7f9a98) at /usr/obj-ports/usr/ports/multimedia/libdvdnav/work/libdvdnav-4.2.0/src/searching.c:633 #1 0x0000000802806b06 in DemuxTitles (p_demux=<optimized out>) at dvdnav.c:1005 #2 Open (p_this=<optimized out>) at dvdnav.c:320 #3 0x0000000800ad5528 in generic_start (func=0x8028060c0, ap=0x7fffff7f9bc0) at modules/modules.c:413 #4 0x0000000800ad50ff in vlc_module_load (p_this=0x80d81b158, psz_capability=0x800b1582c "access_demux", psz_name=0x80d810068 "dvd", b_strict=true, probe=0x800ad54b0 <generic_start>) at modules/modules.c:342 #5 0x0000000800ad55ef in module_need (obj=0x80d81b158, cap=0x800b1582c "access_demux", name=0x80d810068 "dvd", strict=true) at modules/modules.c:428 #6 0x0000000800a83dbb in demux_New (p_obj=0x806428078, p_parent_input=0x806428078, psz_access=0x80d851040 "dvd", psz_demux=0x800b17349 "", psz_location=0x80d851046 "/dev/cd0", s=0x0, out=0x80d812040, b_quick=false) at input/demux.c:194 #7 0x0000000800a99b90 in InputSourceInit (p_input=0x806428078, in=0x80642b8b0, psz_mrl=0x80ae21340 "dvd:///dev/cd0", psz_forced_demux=0x0, b_in_can_fail=false) at input/input.c:2391 #8 0x0000000800a96730 in Init (p_input=0x806428078) at input/input.c:1237 #9 0x0000000800a93ed5 in Run (obj=0x806428078) at input/input.c:539 #10 0x00000008016d59f9 in thread_start (curthread=0x806454400) at /usr/src/lib/libthr/thread/thr_create.c:284 #11 0x0000000000000000 in ?? () (gdb) f 0 #0 0x0000000802a17956 in dvdnav_describe_title_chapters (this=0x80d90be00, title=35, times=0x7fffff7f9a90, duration=0x7fffff7f9a98) at /usr/obj-ports/usr/ports/multimedia/libdvdnav/work/libdvdnav-4.2.0/src/searching.c:633 633 if(!(cell->block_type == BLOCK_TYPE_ANGLE_BLOCK && (gdb) p cell->block_type Cannot access memory at address 0x200d812838 [...] (gdb) p cellnr $5 = 0 The port also ignores WITH_DEBUG which doesn't help when analyzing core dumps. Fix: The attached update to 4.2.0_1 contains an upstream patch from Erik Hovland that fixes the problem. It also lets the port honor WITH_DEBUG in case of crashes in the future. Patch attached with submission follows: How-To-Repeat: Open the first disc of Grey's Anatomy Season 2 RC2 with VLC 2.1. The "current" VLC version in the ports isn't affected, I assume it doesn't use dvdnav_describe_title_chapters() yet, but didn't investigate this.
Responsible Changed From-To: freebsd-ports-bugs->martymac Over to maintainer (via the GNATS Auto Assign Tool)
Author: martymac Date: Wed Aug 1 12:40:29 2012 New Revision: 301826 URL: http://svn.freebsd.org/changeset/ports/301826 Log: - Add DEBUG option [1] - Fix crash with some discs [1] - Un-version LIB_DEPENDS PR: ports/169698 [1] Submitted by: Fabian Keil <fk@fabiankeil.de> [1] Added: head/multimedia/libdvdnav/files/patch-src-searching.c (contents, props changed) Modified: head/multimedia/libdvdnav/Makefile (contents, props changed) Modified: head/multimedia/libdvdnav/Makefile ============================================================================== --- head/multimedia/libdvdnav/Makefile Wed Aug 1 12:26:01 2012 (r301825) +++ head/multimedia/libdvdnav/Makefile Wed Aug 1 12:40:29 2012 (r301826) @@ -7,6 +7,7 @@ PORTNAME= libdvdnav PORTVERSION= 4.2.0 +PORTREVISION= 1 CATEGORIES= multimedia # Svn repository URL : svn://svn.mplayerhq.hu/dvdnav/trunk/libdvdnav MASTER_SITES= http://dvdnav.mplayerhq.hu/releases/ \ @@ -18,7 +19,7 @@ COMMENT= MPlayer version of the libdvdna LICENSE= GPLv2 -LIB_DEPENDS= dvdread.4:${PORTSDIR}/multimedia/libdvdread +LIB_DEPENDS= dvdread:${PORTSDIR}/multimedia/libdvdread USE_BZIP2= yes HAS_CONFIGURE= yes @@ -29,14 +30,23 @@ CONFIGURE_ARGS= --prefix="${PREFIX}" \ --shlibdir="${PREFIX}/lib" \ --incdir="${PREFIX}/include/dvdnav" \ --disable-opts \ - --disable-debug \ --cc="${CC}" USE_GMAKE= yes CONFLICTS= libdvdnav-mplayer-[0-9]* USE_LDCONFIG= yes +OPTIONS_DEFINE= DEBUG + +.include <bsd.port.pre.mk> + +.if ${PORT_OPTIONS:MDEBUG} +CONFIGURE_ARGS+= --enable-debug --disable-strip +.else +CONFIGURE_ARGS+= --disable-debug +.endif + post-patch: @${REINPLACE_CMD} -e 's|^threadlib="-lpthread"|threadlib="${PTHREAD_LIBS}"|g' \ ${WRKSRC}/configure2 -.include <bsd.port.mk> +.include <bsd.port.post.mk> Added: head/multimedia/libdvdnav/files/patch-src-searching.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/multimedia/libdvdnav/files/patch-src-searching.c Wed Aug 1 12:40:29 2012 (r301826) @@ -0,0 +1,43 @@ +From 49c67ccf88c688e0e0e9e3b04f651b12c7d7f7f3 Mon Sep 17 00:00:00 2001 +From: Erik Hovland <erik@hovland.org> +Date: Mon, 16 Apr 2012 14:56:43 -0700 +Subject: [PATCH] Check cell new row before using it to index into + cell_playback + +cellnr is used to index into cell_playback after subtracting +one from it. If cellnr is 0, then it will index -1 in cell_playback +which will seek out of boundary of cell_playback. This manifested into a +segfault for some users as reported by this launchpad bug: +https://bugs.launchpad.net/ubuntu/+source/libdvdnav/+bug/934471 + +By checking cellnr and skipping the indexing if cellnr is equal to zero +then we avoid the segfault. There might be a bigger issue w/ regard to +retrieving a value of zero for cell new row, but this fix works for the +reporter. + +Thanks goes to Sylvain Henry (hsyl20 AT gmail DOT com for both +reporting the bug to launchpad and submitting a potential patch (even +though we went w/ a different fix). +--- + src/searching.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/searching.c b/src/searching.c +index 3649e9d..0b5f22a 100644 +--- src/searching.c ++++ src/searching.c +@@ -640,7 +640,11 @@ uint32_t dvdnav_describe_title_chapters(dvdnav_t *this, int32_t title, uint64_t + goto fail; + } + +- cellnr = pgc->program_map[ptt[i].pgn-1]; ++ if ((cellnr = pgc->program_map[ptt[i].pgn-1]) == 0) { ++ printerr("Cell new row cannot be 0"); ++ continue; ++ } ++ + if(ptt[i].pgn < pgc->nr_of_programs) + endcellnr = pgc->program_map[ptt[i].pgn]; + else +-- +1.7.10.3 _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed with minor changes, thanks!