Hello
Until 2 days ago, tuning to 'FRANCE 3' (french channed available on hot-bird) worked perfectly.
But now, vdr core dumps any time I try to tune to 'FRANCE 3'. I've tried with vdr 1.3.42 (vanilla), 1.3.39 (debian) or 1.3.42 (Darren Salt's)
Here's the stacktrace done with vanilla 1.4.42:
(gdb) bt #0 0xffffe410 in __kernel_vsyscall () #1 0xb7d556d1 in raise () from /lib/tls/i686/cmov/libc.so.6 #2 0xb7d56f9b in abort () from /lib/tls/i686/cmov/libc.so.6 #3 0xb7f48e51 in __gnu_cxx::__verbose_terminate_handler () from /usr/lib/libstdc++.so.6 #4 0xb7f46765 in __gxx_personality_v0 () from /usr/lib/libstdc++.so.6 #5 0xb7f467a2 in std::terminate () from /usr/lib/libstdc++.so.6 #6 0xb7f4690a in __cxa_throw () from /usr/lib/libstdc++.so.6 #7 0xb7f46d51 in operator new () from /usr/lib/libstdc++.so.6 #8 0xb7f46e1d in operator new[] () from /usr/lib/libstdc++.so.6 #9 0x0810f283 in SI::CharArray::DataOwnData::assign (this=0x83f2910, d=0x0, s=4294967295) at util.c:123 #10 0x0810f7cc in SI::CharArray::assign (this=0x83f29b8, data=0x6 <Address 0x6 out of bounds>, size=6, doCopy=true) at util.c:61 #11 0x081162b3 in SI::CaDescriptor::Parse (this=0x83f29b8) at descriptor.c:332 #12 0x0810f52d in SI::Parsable::CheckParse (this=0x6) at util.c:181 #13 0x0811104a in SI::DescriptorLoop::createDescriptor (this=0xb7b662b0, i=@0xb7b66354, returnUnimplemetedDescriptor=true) at si.c:162 #14 0x081112af in SI::DescriptorLoop::getNext (this=0xb7b662b0, it=@0xb7b66354) at si.c:110 #15 0x080d2d82 in cPatFilter::Process (this=0x83be480, Pid=100, Tid=2 '\002', Data=0xb7b66414 "\002°\202\004MÕ", Length=133) at pat.c:380 #16 0x080e67fe in cSectionHandler::Action (this=0x83ac438) at sections.c:212 #17 0x08100200 in cThread::StartThread (Thread=0x83ac438) at thread.c:243 #18 0xb7f80e60 in start_thread () from /lib/tls/i686/cmov/libpthread.so.0 #19 0xb7dfd8ce in clone () from /lib/tls/i686/cmov/libc.so.6
line #12 is suspect with this=0x6 Line #15 is also interesting.
Can someone help in debuggin this ?
I think you'll get the core when you tune to 'FRANCE 3' even without a subcription:
FRANCE 3:10834:vC34:S13.0E:27500:520:530:0:1:1105:176:11600:0
Cheers
Hi
You can try this quick and dirty change:
--- ../../vdr-1.3.42/libsi/util.c 2005-05-28 16:15:29.000000000 +0200 +++ util.c 2006-02-16 19:30:10.000000000 +0100 @@ -120,6 +120,9 @@ void CharArray::DataOwnData::assign(const unsigned char*d, unsigned int s) { Delete(); size=s; + if (size > 10000) { + size=10000; + } unsigned char *newdata=new unsigned char[size]; memcpy(newdata, d, size); data=newdata;
--- Helmut
The attached patch (against VDR 1.3.42) should fix this. It needs to be applied to the 'libsi' subdirectory. After that, do a 'make clean' and 'make' in the VDR directory.
- Changed offset and size handling in 'libsi' from 'unsigned' to 'signed', so that overflows can be better detected (thanks to Marcel Wiesweg). - Checking data size in CaDescriptor::Parse() and LinkageDescriptor::Parse() of 'libsi' to avoid crashes with invalid data (thanks to Marcel Wiesweg). - Made CharArray::DataOwnData::assign() in 'libsi' more robust against invalid data (suggested by Oliver Endriss). Also changed CharArray::DataOwnData::Delete() so that it sets 'size' and 'data' to 0.
Thanks also to Helmut Auer for testing and debugging.
Klaus
Klaus Schmidinger Klaus.Schmidinger@cadsoft.de writes:
It works fine. I can tune again to FR3 and watch it without a problem. (This patch works also with Darren Salt's vdr)
Thanks to Klaus, Helmut and Oliver for the help
Cheers
-
Dominique Dumont -
Helmut Auer -
Klaus Schmidinger