We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 298

Summary: SDL audio write outside its allocated memory when resampling and segfault
Product: SDL Reporter: Alfredo Tupone <alfredo>
Component: audioAssignee: Ryan C. Gordon <icculus>
Status: RESOLVED FIXED QA Contact: Ryan C. Gordon <icculus>
Severity: normal    
Priority: P2    
Version: 1.2.11   
Hardware: All   
OS: All   

Description Alfredo Tupone 2006-08-09 13:29:27 UTC 
When I open the audio specifying only the desired charatheristic, and not the obtained, number of samples can be changed inside the desired characteristic, if the driver is not able to comply with the request.
If it is going to use a different rate too, the number of sample user send is different from the one effectively sent to the driver

Just to point my case, I-m selecting "alsa + dmix", and it use 48000, while I asked for 11025.

The number of samples passed effectively to the driver are different that the one agreed (in my case about 4 times). I don't know if in that case the driver is behaving correctly, but however the behaviour is somewhat weird. 
I think what should be done, if rate is different, is to get the number of samples desired from the user, multiply by the ratio between the rate, ask the driver, and report back the samples, scaled again, to the user
Comment 1 Alfredo Tupone 2006-08-17 11:40:39 UTC 
I have more information on that.

As it was pointed out by valgrind, when SDL was asked to autonomally convert the incoming stream, it write outside its allocated buffer. A simple patch is to     set 

audio->convert.len = desired->size / audio->convert.len_ratio;

when preparing the conversion structures.

This fixes the segfault, and sound is little better.

I suppose this is not the only fix to apply, maybe someone should study what to do, or remove the auto-resampling facility if there is nothing to do to fix it
Comment 2 Alfredo Tupone 2006-10-27 13:53:43 UTC 
Patch to fix this bug.

--- src/audio/SDL_audio.c.old   2006-10-19 08:16:18.000000000 +0200
+++ src/audio/SDL_audio.c       2006-10-19 08:18:08.000000000 +0200
@@ -591,7 +591,7 @@
                        return(-1);
                }
                if ( audio->convert.needed ) {
-                       audio->convert.len = desired->size;
+                       audio->convert.len = desired->size / audio->convert.len_ratio;
                        audio->convert.buf =(Uint8 *)SDL_AllocAudioMem(
                           audio->convert.len*audio->convert.len_mult);
                        if ( audio->convert.buf == NULL ) {
Comment 3 Ryan C. Gordon 2006-10-27 15:46:59 UTC 
Looking at this now.

(Be aware that SDL 1.2 only does correct audio resampling when the source and destination are powers of two...so 11025->48000 will always sound a little wrong, but 11025->44100 will sound okay. We're fixing this for SDL 1.3.)

--ryan.
Comment 4 Ryan C. Gordon 2006-10-27 16:24:09 UTC 
Fixed in svn revision #2878 for 1.2 branch, and svn revision #2879 for 1.3 branch.

Thanks!

--ryan.