Bug 102151

Summary: RIFF: infinite loop
Product: exempi
Reporter: Jakub Wilk <jwilk>
Component: Problems
Assignee: Hubert Figuiere <hub>
Status: RESOLVED FIXED
QA Contact: Hubert Figuiere <hub>
Severity: normal    
Priority: medium    
Version: unspecified   
Hardware: Other   
OS: All   
Whiteboard: [release:2.4.4]
Attachments: reproducer

Description Jakub Wilk 2017-08-11 14:35:10 UTC
Created attachment 133439
reproducer

Exempi seems to fall into an infinite loop when extracting XMP from the attached file:

$ exempi -x inf-loop.avi
processing file inf-loop.avi
dump_xmp for file inf-loop.avi
[...nothing happens...]

Tested with git master (b1859382628b5ba961548980e3b0725d6f934b20).

Found using American Fuzzy Lop:
http://lcamtuf.coredump.cx/afl/
Comment 1 Hubert Figuiere 2017-08-15 04:14:35 UTC
Fixed in 2.4.x branch at 65a8492832b7335ffabd01f5f64d89dec757c260
Comment 2 kirotawa 2018-05-09 20:09:16 UTC
For some old versions it also seems to be an issue, but coding something like:

-       this->oldSize = LFA_ReadUns32_LE( file ) + 8;                                                                                                          +       this->oldSize = LFA_ReadUns32_LE( file );                                                                                                              +       this->oldSize += 8; 
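
Review bot: splitting LFA_ReadUns32_LE( file ) + 8 into an assignment followed by this->oldSize += 8; only changes the result when oldSize is declared wider than 32 bits, and its declaration is not part of these lines. Assuming LFA_ReadUns32_LE returns a 32-bit unsigned value, as its name suggests, the original expression adds 8 in 32-bit arithmetic and wraps to a value between 0 and 7 for sizes within 8 of 0xFFFFFFFF; the two-statement form avoids that only if the += is carried out in a 64-bit oldSize. Please check the type of oldSize in the version being patched and widen it if needed, and consider rejecting a chunk size that extends past the end of the file before the size is used.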

does not fix this. I suppose that part of the fix of the issue is in how XIO::ReadUns32_LE works, since it was replaced in new versions. So, is there any way to fix this for old LFA read?
Comment 3 Hubert Figuiere 2018-05-10 01:43:35 UTC
(In reply to kirotawa from comment #2)
> For some old versions it also seems to be an issue, but coding something like:
> 
> -       this->oldSize = LFA_ReadUns32_LE( file ) + 8;                       
> +       this->oldSize = LFA_ReadUns32_LE( file );                           
> +       this->oldSize += 8; 
> 
> does not fix this. I suppose that part of the fix of the issue is in how
> XIO::ReadUns32_LE works, since it was replaced in new versions. So, is there
> any way to fix this for old LFA read?

Please define "some old version".
Comment 4 kirotawa 2018-05-10 12:29:34 UTC
I was referring to versions 2.2.1-1 and 2.2.2-2, since they don't use XIO::ReadUns32_LE.
Comment 5 Hubert Figuiere 2018-05-10 13:55:00 UTC
These versions are no longer supported.

As indicated, this bug was fixed in 2.4.4.
Comment 6 kirotawa 2018-05-10 15:56:47 UTC
Some distros still use old versions. I was looking for any clue or tip on how to fix this for those mentioned.
