Package: cdrkit

This old bug does not seem to have received any attention and still seems to 
be present as of today:

http://lists.alioth.debian.org/pipermail/debburn-devel/2011-January/000822.html

> when burning an audio cd with many (more than 90) audio
> tracks, wodim crashes. I debugged the application (cdrkit-1.1.11)
> and found the problem in lines 305 and 432 of cdtext.c.
> The array sbuf allocated in line 305 (function packtext) is not large
> enough and the pointer fp in function fillpacks gets out of range in
> line 432:
> 
> void packtext(int tracks, track_t *trackp)
> {
>  int type;
>  int i;
>  struct textpack *tp;
>  struct textsizes tsize;
>  txtarg_t targ;
>  char sbuf[256*18]; /* 256 is not enough, see line 432 */
> 
> ...
> }
> 
> 
> static void fillpacks(register txtarg_t *ap, register char *from, int len,
>                int track_no, int pack_type)
> {
> ...
> 
>   if (p >= &tp->text[12]) {
>    fillcrc((Uchar *)tp, sizeof (*tp));
>    p = 0;
>    tp++; /* may get out of range, see line 305 */
>   }
> 
> ...
> }
> 
> 
> I could work around the problem by increasing the size of sbuf.
> But I think the correct solution is to compute the required size for
> sbuf and allocate it dynamically. Unfortunately I do not know how
> to compute the correct size. Otherwise I would have provided a patch.
> 
> Best regards,
> 
> Christoph
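
An added example, not code from cdrkit or from the quoted report: a bounds-checked pack writer that sizes its buffer from the total text length and refuses to advance past the last pack. The names `struct pack`, `struct packbuf`, `packs_needed`, `packbuf_init` and `packbuf_append` are hypothetical, the 4+12+2 byte pack layout and back-to-back packing of a single text stream are assumptions, and the 40-byte titles are constructed sample data.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PACK_TEXT 12 /* text bytes per pack, as in tp->text[12] in the report */

/* Hypothetical 18-byte pack: 4 header + 12 text + 2 CRC bytes (assumed layout). */
struct pack { unsigned char hdr[4]; char text[PACK_TEXT]; unsigned char crc[2]; };
_Static_assert(sizeof(struct pack) == 18, "pack must match the 18 in sbuf[256*18]");
struct packbuf { struct pack *packs; size_t cap, used, off; };

/* Packs needed for total_len text bytes stored back to back (assumption). */
size_t packs_needed(size_t total_len) { return (total_len + PACK_TEXT - 1) / PACK_TEXT; }

int packbuf_init(struct packbuf *b, size_t npacks)
{
    b->cap = npacks;
    b->used = b->off = 0;
    b->packs = calloc(npacks ? npacks : 1, sizeof(struct pack));
    return b->packs ? 0 : -1;
}

/* Append len bytes; return -1 instead of stepping past the last pack. */
int packbuf_append(struct packbuf *b, const char *from, size_t len)
{
    while (len > 0) {
        if (b->used >= b->cap) /* bound check that the tp++ in the report lacks */
            return -1;
        size_t n = PACK_TEXT - b->off;
        if (n > len) n = len;
        memcpy(b->packs[b->used].text + b->off, from, n);
        b->off += n; from += n; len -= n;
        if (b->off == PACK_TEXT) { b->off = 0; b->used++; }
    }
    return 0;
}

int main(void)
{
    char title[40]; /* constructed sample: 39 characters plus NUL */
    struct packbuf b;
    int rc = 0;
    memset(title, 'A', sizeof title - 1); title[sizeof title - 1] = '\0';
    if (packbuf_init(&b, 256) != 0) return 1; /* fixed pack count from the report */
    for (int i = 0; i < 99 && rc == 0; i++) rc = packbuf_append(&b, title, sizeof title);
    printf("need %zu packs, fixed 256 -> rc=%d\n", packs_needed(99 * sizeof title), rc);
    free(b.packs);
    return 0;
}
```

With the constructed input, 99 titles need more packs than the fixed 256, so the append fails cleanly where an unchecked pointer increment would write past the array.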
