Hi,

We found one memory issue about an invalid read in the function 
handleCmd_DESCRIBE in live.2023.05.10. Here is the bug report from Valgrind:

---

==1744== Invalid read of size 1
==1744==    at 0x483EF46: strlen (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==1744==    by 0x4E2FD14: __vfprintf_internal (vfprintf-internal.c:1688)
==1744==    by 0x4E42F99: __vsnprintf_internal (vsnprintf.c:114)
==1744==    by 0x4EE4F40: __snprintf_chk (snprintf_chk.c:38)
==1744==    by 0x130589: snprintf (stdio2.h:67)
==1744==    by 0x130589: RTSPServer::RTSPClientConnection::handleCmd_DESCRIBE_afterLookup(ServerMediaSession*) (RTSPServer.cpp:434)
==1744==    by 0x12EE20: RTSPServer::RTSPClientConnection::handleCmd_DESCRIBE(char const*, char const*, char const*) (RTSPServer.cpp:397)
==1744==    by 0x12F847: RTSPServer::RTSPClientConnection::handleRequestBytes(int) (RTSPServer.cpp:862)
==1744==    by 0x170C70: GenericMediaServer::ClientConnection::incomingRequestHandler() (GenericMediaServer.cpp:324)
==1744==    by 0x188D19: BasicTaskScheduler::SingleStep(unsigned int) (BasicTaskScheduler.cpp:153)
==1744==    by 0x18A3C2: BasicTaskScheduler0::doEventLoop(char volatile*) (BasicTaskScheduler0.cpp:82)
==1744==    by 0x12CA2E: main (testOnDemandRTSPServer.cpp:462)
==1744==  Address 0x1ffeffeda0 is on thread 1's stack
==1744==  232 bytes below stack pointer
==1744==
==1744==
==1744== Process terminating with default action of signal 2 (SIGINT)
==1744==    at 0x170DD0: snprintf (stdio2.h:67)
==1744==    by 0x170DD0: GenericMediaServer::createNewClientSessionWithId() (GenericMediaServer.cpp:403)
==1744==    by 0x12F926: RTSPServer::RTSPClientConnection::handleRequestBytes(int) (RTSPServer.cpp:881)
==1744==    by 0x170C70: GenericMediaServer::ClientConnection::incomingRequestHandler() (GenericMediaServer.cpp:324)
==1744==    by 0x188D19: BasicTaskScheduler::SingleStep(unsigned int) (BasicTaskScheduler.cpp:153)
==1744==    by 0x18A3C2: BasicTaskScheduler0::doEventLoop(char volatile*) (BasicTaskScheduler0.cpp:82)
==1744==    by 0x12CA2E: main (testOnDemandRTSPServer.cpp:462)
==1744==
==1744== HEAP SUMMARY:
==1744==     in use at exit: 679,238 bytes in 423 blocks
==1744==   total heap usage: 1,708 allocs, 1,285 frees, 8,952,007 bytes allocated
==1744==
==1744== LEAK SUMMARY:
==1744==    definitely lost: 0 bytes in 0 blocks
==1744==    indirectly lost: 0 bytes in 0 blocks
==1744==      possibly lost: 0 bytes in 0 blocks
==1744==    still reachable: 679,238 bytes in 423 blocks
==1744==         suppressed: 0 bytes in 0 blocks
==1744== Rerun with --leak-check=full to see details of leaked memory
==1744==
==1744== Use --track-origins=yes to see where uninitialised values come from
==1744== For lists of detected and suppressed errors, rerun with: -s
==1744== ERROR SUMMARY: 10 errors from 4 contexts (suppressed: 0 from 0)
==1755==    at 0x483EF46: strlen (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==1755==    by 0x4E2FD14: __vfprintf_internal (vfprintf-internal.c:1688)
==1755==    by 0x4E42F99: __vsnprintf_internal (vsnprintf.c:114)
==1755==    by 0x4EE4F40: __snprintf_chk (snprintf_chk.c:38)
==1755==    by 0x130A91: snprintf (stdio2.h:67)
==1755==    by 0x130A91: RTSPServer::RTSPClientSession::handleCmd_PLAY(RTSPServer::RTSPClientConnection*, ServerMediaSubsession*, char const*) (RTSPServer.cpp:1978)
==1755==    by 0x131FCC: RTSPServer::RTSPClientSession::handleCmd_withinSession(RTSPServer::RTSPClientConnection*, char const*, char const*, char const*, char const*) (RTSPServer.cpp:1739)
==1755==    by 0x12F299: RTSPServer::RTSPClientConnection::handleRequestBytes(int) (RTSPServer.cpp:996)
==1755==    by 0x170C70: GenericMediaServer::ClientConnection::incomingRequestHandler() (GenericMediaServer.cpp:324)
==1755==    by 0x188D19: BasicTaskScheduler::SingleStep(unsigned int) (BasicTaskScheduler.cpp:153)
==1755==    by 0x18A3C2: BasicTaskScheduler0::doEventLoop(char volatile*) (BasicTaskScheduler0.cpp:82)
==1755==    by 0x12CA2E: main (testOnDemandRTSPServer.cpp:462)
==1755==  Address 0x1ffeffedd0 is on thread 1's stack
==1755==  232 bytes below stack pointer
==1755==
==1755==
==1755== Process terminating with default action of signal 2 (SIGINT)
==1755==    at 0x4ECBF7A: select (select.c:41)
==1755==    by 0x188BC5: BasicTaskScheduler::SingleStep(unsigned int) (BasicTaskScheduler.cpp:90)
==1755==    by 0x18A3C2: BasicTaskScheduler0::doEventLoop(char volatile*) (BasicTaskScheduler0.cpp:82)
==1755==    by 0x12CA2E: main (testOnDemandRTSPServer.cpp:462)
==1755==
==1755== HEAP SUMMARY:
==1755==     in use at exit: 1,251,900 bytes in 452 blocks
==1755==   total heap usage: 3,013 allocs, 2,561 frees, 5,545,849 bytes allocated
==1755==
==1755== LEAK SUMMARY:
==1755==    definitely lost: 160 bytes in 1 blocks
==1755==    indirectly lost: 0 bytes in 0 blocks
==1755==      possibly lost: 0 bytes in 0 blocks
==1755==    still reachable: 1,251,740 bytes in 451 blocks
==1755==         suppressed: 0 bytes in 0 blocks
==1755== Rerun with --leak-check=full to see details of leaked memory
==1755==
==1755== Use --track-origins=yes to see where uninitialised values come from
==1755== For lists of detected and suppressed errors, rerun with: -s
==1755== ERROR SUMMARY: 31 errors from 6 contexts (suppressed: 0 from 0)


------
Kind Regards,
Ruijie
_______________________________________________
live-devel mailing list
live-devel@lists.live555.com
http://lists.live555.com/mailman/listinfo/live-devel
