[Pkg-gtkpod-devel] Bug#438126: libgpod2: Crashes with semi-corrupted input

Javier Kohen jkohen at users.sourceforge.net
Wed Aug 15 14:23:03 UTC 2007 

Package: libgpod2
Version: 0.5.2-2
Severity: normal
Tags: patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Somehow my artwork database got slightly corrupted, which was causing crashes inlibgpod. I tracked the issue and fixed it with the attached patch. The code expected a filename in the form :Thumb:F%d_%d.itmb or something similar, but because the stored filename was somehow corrupted, all it was getting was :F%d_%d_.itmb, which caused strchr to return 0, thus resulting in a bogus pointer being passed down to itdb_get_path.

After this change I was able to synchronize my iPod and everything looks normal once again (i.e., I can see the cover art).

- -- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libgpod2 depends on:
ii  libc6                         2.6.1-1    GNU C Library: Shared libraries
ii  libglib2.0-0                  2.12.13-1  The GLib library of C routines
ii  libgtk2.0-0                   2.10.13-1  The GTK+ graphical user interface 

Versions of packages libgpod2 recommends:
ii  libgpod-common                0.5.2-2    a library to read and write songs 

- -- no debconf information

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGwwxH823633cP2P8RAqMIAJ9tNkZ8WE4xZ7Kq4JoXX8oATGJGWQCdGQ91
B9ZnyZzLQtJyPNCRNp3c6/s=
=9KSH
-----END PGP SIGNATURE-----
-------------- next part --------------
diff -ur libgpod-0.5.2.orig/src/itdb_artwork.c libgpod-0.5.2/src/itdb_artwork.c
--- libgpod-0.5.2.orig/src/itdb_artwork.c	2007-08-15 15:40:10.000000000 +0200
+++ libgpod-0.5.2/src/itdb_artwork.c	2007-08-15 16:16:10.000000000 +0200
@@ -413,7 +413,11 @@
 
 	if (artwork_dir)
 	{
-	    filename = itdb_get_path (artwork_dir, strchr( thumb->filename+1, ':') + 1);
+	    gchar *name_on_disk = strchr( thumb->filename+1, ':');
+	    if (name_on_disk)
+	    {
+		filename = itdb_get_path (artwork_dir, name_on_disk + 1);
+	    }
 	    g_free (artwork_dir);
 	}

More information about the Pkg-gtkpod-devel mailing list