[Asterisk-Dev] potential bad things in mp3 code

Jim Mercer jim at reptiles.org
Mon Aug 4 10:36:08 MST 2003


i'm doing some housekeeping on the code, cleaning up warnings and such,
and i've found some really funky stuff in the mp3 code.

sometimes compiler warnings tell you about stuff that is potentially bad.

in codecs/mp3/src/csbt.c:
void sbt_init(MPEG *m)
{
...
}

note, the code does not check to see if "m" is null, and just jumps in
and dereferences internal structure members.

then, in codecs/mp3/src/cupini.c:
...
sbt_init();
...

a find/grep on the code reveals:

./codecs/mp3/src/csbt.c:void sbt_init(MPEG *m)
./codecs/mp3/src/cupini.c:void sbt_init();
./codecs/mp3/src/cupini.c:   sbt_init();
./codecs/mp3/src/cupL1.c:   sbt_init();
./codecs/mp3/src/cupl3.c:void sbt_init(MPEG *m);
./codecs/mp3/src/cupl3.c:   sbt_init(m);

it seems that cupl3.c is the only module that uses sbt_init "correctly".

the calls in cupini.c and cupL1.c, to me, would call sbt_init() with a NULL,
or a junk pointer, either of which could cause a core dump or unpredictable
behaviour.

i'm not familiar with the code at all, so if someone with familiarity, or
a keen interest in cleaning up the mp3 stuff wants to take a crack, go to it.

-- 
[ Jim Mercer        jim at reptiles.org         +1 416 410-5633 ]
[          I want to live forever, or die trying.            ]
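
An added example, not part of the original post and not the Asterisk project's code: the declaration mismatch described above, shown as a comment, next to one way to harden it. The MPEG members, sbt_init_checked() and decoder_setup() are hypothetical stand-ins.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for the decoder state; the real MPEG struct in
 * codecs/mp3 has different members. */
typedef struct {
    float window[16];
    int   initialised;
} MPEG;

/* The pattern from the post, kept as a comment so this file compiles
 * under every C standard:
 *
 *     void sbt_init();    // empty parens: argument list is not checked
 *     ...
 *     sbt_init();         // accepted, but the definition expects MPEG *m
 *
 * Before C23 an empty parameter list means "unspecified arguments", so
 * the call compiles and the callee reads an indeterminate pointer.
 * GCC reports such declarations with -Wstrict-prototypes.
 */

/* Hardened form: one full prototype, which would live in a shared header
 * included by every caller, so a call without the argument fails to compile. */
int sbt_init_checked(MPEG *m);

int sbt_init_checked(MPEG *m)
{
    if (m == NULL)              /* reject NULL instead of dereferencing it */
        return -1;
    memset(m->window, 0, sizeof m->window);
    m->initialised = 1;
    return 0;
}

/* Hypothetical caller that checks the result before using the state. */
int decoder_setup(MPEG *m)
{
    if (sbt_init_checked(m) != 0)
        return -1;
    return m->initialised ? 0 : -1;
}

int main(void)
{
    MPEG m;
    return decoder_setup(&m);   /* exit status 0 on success */
}
```

The NULL check only covers a NULL argument; a junk pointer from a mismatched call can only be caught at compile time, which is what the single full prototype is for.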


