[Bug 52191] New: Null pointer dereference in MPEG3_StreamConvert
WineHQ Bugzilla
wine-bugs at winehq.org
Wed Dec 8 19:55:19 CST 2021
https://bugs.winehq.org/show_bug.cgi?id=52191
Bug ID: 52191
Summary: Null pointer dereference in MPEG3_StreamConvert
Product: Wine
Version: 6.20
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: l3codeca.acm
Assignee: wine-bugs at winehq.org
Reporter: hendi48 at freenet.de
Regression SHA1: 5329da61ac51995f7a690edffbbc57d955566a6d
Distribution: ArchLinux
Wine 6.20 broke certain DX8 games that use DirectSound to do MP3 decoding.
https://github.com/wine-mirror/wine/blob/wine-6.20/dlls/l3codeca.acm/mpegl3.c#L521
Here, mpg123_feedseek is called with NULL as 4th argument (input_offset).
The called function does not check for NULL and faults when attempting to write
to it:
    int __cdecl mpg123_feedseek(mpg123_handle *mh, int sampleoff, int whence, int *input_offset)
    {
        int result; // eax
        _off_t largeioff; // [esp+1Ch] [ebp-Ch]

        result = mpg123_feedseek_64(mh, sampleoff, whence, &largeioff);
        if ( result >= 0 )
            *input_offset = largeioff;
        return result;
    }
This is decompiled code from the l3codeca.acm i386 library in Arch Linux's
wine-6.20-1 package (the same thing is the case in 6.21, too). What's really
really strange is that I just checked the bundled mpg123 source tree that comes
with Wine since 6.20, and the function looks very different.
Could this be a compilation screwup where distribution maintainers somehow
compile an external variant of mpg123 and not the in-tree version?
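Added example, not part of the original report and not code from Wine or mpg123: a self-contained C sketch of the wrapper shape shown in the decompilation, next to a variant that tolerates a NULL out-pointer and refuses to truncate an offset that does not fit in int. The names demo_feedseek_64, feedseek32_unchecked, feedseek32_checked and DEMO_ERR are hypothetical, and treating NULL as "caller does not want the offset" is an assumption.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DEMO_ERR (-1)   /* hypothetical error code for this sketch */

/* Constructed stand-in for the 64-bit seek routine; not mpg123 code.
   On success it always writes the input offset through its out-pointer. */
static int demo_feedseek_64(int64_t sampleoff, int64_t *input_offset)
{
    if (sampleoff < 0)
        return DEMO_ERR;
    *input_offset = sampleoff * 4;   /* arbitrary mapping for the demo */
    return (int)sampleoff;
}

/* Same shape as the decompiled wrapper: the out-pointer is written
   unconditionally on success, so a NULL argument faults here. */
static int feedseek32_unchecked(int sampleoff, int *input_offset)
{
    int64_t largeioff;
    int result = demo_feedseek_64(sampleoff, &largeioff);
    if (result >= 0)
        *input_offset = (int)largeioff;
    return result;
}

/* Hardened variant: skip the store when the caller passed NULL, and
   report an error instead of silently narrowing a too-large offset. */
static int feedseek32_checked(int sampleoff, int *input_offset)
{
    int64_t largeioff = 0;
    int result = demo_feedseek_64(sampleoff, &largeioff);
    if (result < 0)
        return result;
    if (input_offset != NULL) {
        if (largeioff < INT_MIN || largeioff > INT_MAX)
            return DEMO_ERR;
        *input_offset = (int)largeioff;
    }
    return result;
}

int main(void)
{
    int off = -1;
    printf("unchecked, valid ptr: %d\n", feedseek32_unchecked(100, &off));
    printf("checked, NULL ptr:    %d\n", feedseek32_checked(100, NULL));
    printf("checked, valid ptr:   %d (off=%d)\n", feedseek32_checked(100, &off), off);
    return 0;
}
```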