[asterisk-bugs] [JIRA] Created: (ASTERISK-20231) codec_ilbc using memcpy instead of memmove for overlapping mem

Walter Doekes (JIRA) noreply at issues.asterisk.org
Tue Aug 14 13:32:07 CDT 2012


codec_ilbc using memcpy instead of memmove for overlapping mem
--------------------------------------------------------------

                 Key: ASTERISK-20231
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-20231
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
          Components: Codecs/codec_ilbc
    Affects Versions: 1.8.15.0
            Reporter: Walter Doekes
            Severity: Minor


According to the valgrind at https://issues.asterisk.org/jira/secure/attachment/43983/valgrind_2012-06-27.txt ( ASTERISK-19890 ), iLBC uses memcpy when it should use memmove.

{noformat}
==26282== Source and destination overlap in memcpy(0x7feffcc40, 0x7feffcce0, 428)
==26282==    at 0x4A0884B: memcpy (mc_replace_strmem.c:587)
==26282==    by 0x11720BEE: Decode (iLBC_decode.c:254)
==26282==    by 0x11721768: iLBC_decode (iLBC_decode.c:507)
==26282==    by 0x11720116: ilbctolin_framein (codec_ilbc.c:113)
==26282==    by 0x567ED3: framein (translate.c:218)
==26282==    by 0x568C84: calc_cost (translate.c:437)
==26282==    by 0x56AFE2: __ast_register_translator (translate.c:887)
==26282==    by 0x11720411: load_module (codec_ilbc.c:205)
==26282==    by 0x4EA140: start_resource (loader.c:796)
==26282==    by 0x4EAABF: load_resource_list (loader.c:984)
==26282==    by 0x4EB176: load_modules (loader.c:1137)
==26282==    by 0x44628F: main (asterisk.c:3902)
==26282== 
==26282== Source and destination overlap in memcpy(0x7feffcc40, 0x7feffcce0, 428)
==26282==    at 0x4A0884B: memcpy (mc_replace_strmem.c:587)
==26282==    by 0x11720DEE: Decode (iLBC_decode.c:302)
==26282==    by 0x11721768: iLBC_decode (iLBC_decode.c:507)
==26282==    by 0x11720116: ilbctolin_framein (codec_ilbc.c:113)
==26282==    by 0x567ED3: framein (translate.c:218)
==26282==    by 0x568C84: calc_cost (translate.c:437)
==26282==    by 0x56AFE2: __ast_register_translator (translate.c:887)
==26282==    by 0x11720411: load_module (codec_ilbc.c:205)
==26282==    by 0x4EA140: start_resource (loader.c:796)
==26282==    by 0x4EAABF: load_resource_list (loader.c:984)
==26282==    by 0x4EB176: load_modules (loader.c:1137)
==26282==    by 0x44628F: main (asterisk.c:3902)
==26282== 
==26282== Source and destination overlap in memcpy(0x7feffd4a0, 0x7feffd540, 428)
==26282==    at 0x4A0884B: memcpy (mc_replace_strmem.c:587)
==26282==    by 0x117228F9: iLBC_encode (iLBC_encode.c:311)
==26282==    by 0x11720309: lintoilbc_frameout (codec_ilbc.c:153)
==26282==    by 0x568CBD: calc_cost (translate.c:439)
==26282==    by 0x56AFE2: __ast_register_translator (translate.c:887)
==26282==    by 0x11720430: load_module (codec_ilbc.c:207)
==26282==    by 0x4EA140: start_resource (loader.c:796)
==26282==    by 0x4EAABF: load_resource_list (loader.c:984)
==26282==    by 0x4EB176: load_modules (loader.c:1137)
==26282==    by 0x44628F: main (asterisk.c:3902)
==26282== 
==26282== Source and destination overlap in memcpy(0x7feffd4a0, 0x7feffd540, 428)
==26282==    at 0x4A0884B: memcpy (mc_replace_strmem.c:587)
==26282==    by 0x11722D50: iLBC_encode (iLBC_encode.c:389)
==26282==    by 0x11720309: lintoilbc_frameout (codec_ilbc.c:153)
==26282==    by 0x568CBD: calc_cost (translate.c:439)
==26282==    by 0x56AFE2: __ast_register_translator (translate.c:887)
==26282==    by 0x11720430: load_module (codec_ilbc.c:207)
==26282==    by 0x4EA140: start_resource (loader.c:796)
==26282==    by 0x4EAABF: load_resource_list (loader.c:984)
==26282==    by 0x4EB176: load_modules (loader.c:1137)
==26282==    by 0x44628F: main (asterisk.c:3902)
{noformat}

And valgrind is right.

CB_MEML = 147
SUBL = 40

=> memcpy(x, x + 40, 4 * (147-40))

In 4 places.

There might be more, but valgrind didn't report those, and I didn't check any further ;)

Regards,
Walter

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira



More information about the asterisk-bugs mailing list