View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004799 | ardour | bugs | public | 2012-03-28 00:01 | 2020-04-19 20:16 |
| Reporter | ahurst | Assigned To | cth103 | ||
| Priority | normal | Severity | major | Reproducibility | have not tried |
| Status | closed | Resolution | no change required | ||
| Product Version | 3.0-beta3 | ||||
| Target Version | 3.0 | ||||
| Summary | 0004799: Null pointer dereference probably causing crash | ||||
| Description | High impact static analysis bug: A null pointer is dereferenced in libs/ardour/audio_buffer.cc:38. This occurs in the constructor of AudioBuffer when the capacity is > 0. | ||||
| Additional Information | 30AudioBuffer::AudioBuffer(size_t capacity) 31 : Buffer(DataType::AUDIO, capacity) 32 , _owns_data (false) 33 , _data (0) Assigning: "this->_data" = "NULL". 34{ 35 if (_capacity > 0) { 36 _owns_data = true; // prevent resize() from gagging 37 resize (_capacity); 38 _silent = false; // force silence on the intial buffer state *** Passing "this" to function "ARDOUR::AudioBuffer::silence", which dereferences null "this->_data". 39 silence (_capacity); In /libs/ardour/ardour/audio_buffer.h: 34 void silence (framecnt_t len, framecnt_t offset = 0) { 35 if (!_silent) { 36 assert(_capacity > 0); 37 assert(offset + len <= _capacity); *** Function "memset(void *, int, size_t)" dereferences an offset off "this->_data". 38 memset(_data + offset, 0, sizeof (Sample) * len); 39 if (len == _capacity) { 40 _silent = true; 41 } 42 } 43 _written = true; 44 } 40 } 41} | ||||
| Tags | No tags attached. | ||||
|
|
_data is set up by resize(), unless I misunderstand your point... |
|
|
Issue has been closed automatically, by Trigger Close Plugin. Feel free to re-open with additional information if you think the issue is not resolved. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2012-03-28 00:01 | ahurst | New Issue | |
| 2012-03-28 12:24 | cth103 | cost | => 0.00 |
| 2012-03-28 12:24 | cth103 | Fixed in Version | => 3.0 beta4 |
| 2012-03-28 14:23 | cth103 | Fixed in Version | 3.0 beta4 => |
| 2012-03-28 14:23 | cth103 | Target Version | => 3.0 beta4 |
| 2012-04-01 14:44 | cth103 | Note Added: 0013054 | |
| 2012-04-01 14:44 | cth103 | Status | new => resolved |
| 2012-04-01 14:44 | cth103 | Resolution | open => no change required |
| 2012-04-01 14:44 | cth103 | Assigned To | => cth103 |
| 2012-05-23 15:08 | cth103 | Target Version | 3.0 beta4 => 3.0 |
| 2020-04-19 20:16 | system | Note Added: 0023011 | |
| 2020-04-19 20:16 | system | Status | resolved => closed |
