We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 2280 - uninitialized wavespec used in SDL_BuildAudioCVT
Summary: uninitialized wavespec used in SDL_BuildAudioCVT
Status: RESOLVED FIXED
Alias: None
Product: SDL_mixer
Classification: Unclassified
Component: misc (show other bugs)
Version: 1.2.11
Hardware: x86 Linux
: P2 major
Assignee: Ryan C. Gordon
QA Contact: Sam Lantinga
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-12-02 06:20 UTC by Nitz
Modified: 2019-06-10 16:05 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Nitz 2013-12-02 06:20:00 UTC 
In WAVStream *WAVStream_LoadSong_RW(SDL_RWops *src, int freesrc) function

if( magic == RIFF || magic == WAVE ) and if( magic == FORM ) both conditions fails then wavespec remain uninitialized and used in
 
SDL_BuildAudioCVT(&wave->cvt,
                wavespec.format, wavespec.channels, wavespec.freq,
                mixer.format, mixer.channels, mixer.freq);

Which causes undefined behaviour.

patch for this bug:


if ( magic == RIFF || magic == WAVE ) {
             wave->src = LoadWAVStream(src, &wavespec, &wave->start, &wave->stop);
         } else if ( magic == FORM ) {
             wave->src = LoadAIFFStream(src, &wavespec, &wave->start, &wave->stop);
         } else {
             Mix_SetError("Unknown WAVE format");
             SDL_free(wave); // Thses 2 lines should be added.
             return(NULL); //
         }

Cheers....
Comment 1 Sam Lantinga 2019-06-10 16:05:40 UTC 
This has been fixed.