Arch Linux

FS#78116 - [cdrdao] reading of uninitialized variables with read-toc and copy

Attached to Project: Arch Linux
Opened by Cebtenzzre (cebtenzzre) - Tuesday, 04 April 2023, 21:52 GMT
Last edited by Toolybird (Toolybird) - Tuesday, 04 April 2023, 22:14 GMT
Task Type: Bug Report
Category: Packages: Extra
Status: Waiting on Response
Assigned To: Antonio Rojas (arojas)
Architecture: x86_64
Severity: High
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 0%
Votes: 1
Private: No



Since cdrdao 1.2.5, there are some changes to the way the DaoCommandLine class is initialized. Some forgotten NULL assignments mean that uninitialized stack memory is read in two cases:
- when using `cdrdao read-toc test.toc`, there are FILE lines in the TOC with garbage values (often invalid UTF-8, which causes whipper to fail)
- when using `cdrdao copy`, it segfaults when comparing sourceScsiDevice to NULL

Those are the results that I got, but of course there may be different results sometimes since it's a form of undefined behavior.

I have attached a simple patch that fixes the issue.

Additional info:
* cdrdao version 1.2.5-1
* Upstream issue
* Pull request
* whipper issue

Steps to reproduce:
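The class of bug described in the report above, as an added example that is not from the report, its attached patch, or cdrdao's source: pointer members without initializers next to a hardened form using default member initializers. Only `sourceScsiDevice` is a name from the report; `UnsafeOptions`, `SafeOptions`, `dataFilename`, the helper functions and the simplified `FILE` line are assumptions made for illustration.

```cpp
#include <cstring>
#include <iostream>
#include <new>
#include <string>

// "Before" pattern: no initializers. A default-initialized object keeps
// whatever bytes were already in its memory, so reading these is undefined.
struct UnsafeOptions {
    const char *sourceScsiDevice;  // name taken from the report
    const char *dataFilename;      // hypothetical second field
};

// Hardened form: default member initializers apply in every constructor.
struct SafeOptions {
    const char *sourceScsiDevice = nullptr;
    const char *dataFilename = nullptr;
};

// A `copy`-style check: compare against NULL before using the pointer.
std::string describeSource(const SafeOptions &o) {
    if (o.sourceScsiDevice == nullptr) return "source: <unset>";
    return std::string("source: ") + o.sourceScsiDevice;
}

// Emit a (simplified) TOC FILE line only when a filename was really supplied.
std::string tocFileLine(const SafeOptions &o) {
    if (o.dataFilename == nullptr) return "";
    return std::string("FILE \"") + o.dataFilename + "\"\n";
}

// Build a SafeOptions on storage filled with 0xAA (standing in for stale
// stack contents) and report whether both pointers still come out NULL.
bool safeSurvivesDirtyStorage() {
    alignas(SafeOptions) unsigned char storage[sizeof(SafeOptions)];
    std::memset(storage, 0xAA, sizeof storage);
    SafeOptions *o = new (storage) SafeOptions;  // default-initialization
    return o->sourceScsiDevice == nullptr && o->dataFilename == nullptr;
}

int main() {
    SafeOptions o;
    std::cout << std::boolalpha << safeSurvivesDirtyStorage() << '\n'
              << describeSource(o) << '\n'
              << "FILE lines emitted: " << tocFileLine(o).size() << " bytes\n";
}
```

Reads of members left like those in `UnsafeOptions` are the kind of defect that Valgrind's memcheck or Clang's `-fsanitize=memory` reports at run time.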

Comment by Toolybird (Toolybird) - Tuesday, 04 April 2023, 22:13 GMT
Orphaned pkg (i.e. no maintainer). @arojas was the last to kindly update it. Should probably wait for upstream's response to the issue.