[ATrpms-users] Re: buffer overflow in mythmusic/libcdaudio (was:
Error while trying to play cd)
Axel Thimm
Axel.Thimm at ATrpms.net
Tue Jul 26 11:43:04 CEST 2005
On Sat, Jul 23, 2005 at 09:52:17PM +0200, Axel Thimm wrote:
> On Thu, Jul 21, 2005 at 11:48:15PM +0000, jeff t wrote:
> > I need help! I recently installed mythtv-suite on my new FC4 install.
> > 2005-07-21 16:32:41.648 Set cd_status_changed to true
> > *** buffer overflow detected ***: mythfrontend terminated
> > ======= Backtrace: =========
> > /lib/libc.so.6(__chk_fail+0x41)[0x32e565]
> > /usr/lib/libcdaudio.so.1(cddb_read_disc_data+0x32a)[0x682cb52]
> > /usr/lib/mythtv/plugins/libmythmusic.so(_ZN9CdDecoder11getMetadataEv
> > +0x21c)[0x130b7d2]
> > [0x0]
> > ======= Memory map: ========
> > Aborted
> >
> > can someone tell me what is going wrong here?
>
> Fedora Core has preemptive checks in gcc that eliminate double free
> exploits, buffer overflows and the like. The latest security feature
> added in FC4 was fortify source which deteced your buffer overflow.
>
> I can't say whether this is a buffer overflow in libmythmusic.so or
> libcdaudio.so.1, I suspect the latter.
For good measure I updated libcdaudio to the latest release. Please
upgrade and try again. Thanks!
> > And what I can do to fix it! I have little experience with linux,
> > so please give clear instructions and commands. Thank you!
>
> Report it upstream. Buffer overflows are very nasty beasts and need to
> be corrected as soon as possible.
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.atrpms.net/pipermail/atrpms-users/attachments/20050726/05aa3f66/attachment.bin
More information about the atrpms-users
mailing list