AddressSanitizer: negative-size-param: (size=-8), size=-8 passed to memcpy in Mem_File_Reader::read_avail

Create issue
Issue #14 resolved
Sebastian Dröge created an issue

Comments (7)

  1. Sebastian Dröge reporter

    The file in question

    Crash can also be reproduced by running e.g. "ffplay" on the file, as long as ffmpeg is built with gme support (which is the case on e.g. Debian).

  2. Michael Pyne repo owner

    I believe this is addressed by what will shortly become game-music-emu 0.6.2, containing a fix for what seems to be the precise issue, along with a minimal bit of additional hardening. If that is uncool for Debian packaging then I made sure to split out the smallest possible fix as a separate commit so it can be applied on its own if need be.

    Note that I wasn't able to reproduce the precise issue on my system with the crasher file, but there was a useful backtrace in the linked information that seems to confirm the logic error upon inspection.

  3. Michael Pyne repo owner

    The signed tarball for 0.6.2 is now available from the Downloads page. I believe this resolves the proximate issue (I suspect others will still lurk however!). But if you can still reproduce, please reopen.

  4. Sebastian Dröge reporter

    Thanks for the fast response!

    From what I can see, you only fixed this issue and added some more checks (thanks!) but there don't seem to be any other functional changes. That should be fine

  5. Log in to comment