[Live-devel] SegmentQueue::enqueueNewSegment() overflow

Jeremy Noring jnoring at logitech.com
Thu Apr 15 11:43:11 PDT 2010 

On Thu, Apr 15, 2010 at 3:13 AM, <dirk.raffel at de.transport.bombardier.com>wrote:

>
> Hello everyone,
>
> First, let me say that I'm totally new to Live555 and multimedia streaming
> in general. I'm planning to build an on-demand RTSP server for streaming WAV
> and/or MP3 files via RTP unicast to an RTSP client.
>
> I've built and tried the TestOnDemandRTSPServer in the testProgs directory.
> Streaming a WAV file works flawless, but when streaming a MP3 file I get the
> error
>
> SegmentQueue::enqueueNewSegment() overflow
>
> which is generated in MP3ADU.cpp. While increasing SegmentQueueSize
> obviously helps in avoiding this error, there are still a lot of "gaps" in
> the playback.
>

When I ran Live555 through static code analysis, a bunch of stuff in the MP3
portions of the library was flagged, including several potential buffer
overflows.  I didn't do anything about it because I don't use MP3 (sorry)
but some of the stuff could definitely be related to your overflow:

Warning    5    warning C6385: Invalid data: accessing 'fSegments->s', the
readable size is '20320' bytes, but '1572768' bytes might be read: Lines:
173, 174, 175, 177, 181, 182, 185, 189, 197, 198, 199, 200, 203, 205, 213,
215, 220, 222, 225, 226, 227, 228, 229, 230, 231, 234, 240, 244, 245, 246
mp3adu.cpp    246
Warning    6    warning C6246: Local declaration of 'bytesToZero' hides
declaration of the same name in outer scope. For additional information, see
previous declaration at line '442' of 'mp3adu.cpp': Lines: 442
mp3adu.cpp    471
Warning    12    warning C4996: 'fdopen': The POSIX name for this item is
deprecated. Instead, use the ISO C++ conformant name: _fdopen. See online
help for details.    MP3HTTPSource.cpp    55
Warning    28    warning C6386: Buffer overrun: accessing 'si.ch', the
writable size is '480' bytes, but '720' bytes might be written: Lines: 432,
438, 439, 441, 442, 445, 447, 448, 450, 451    mp3internals.cpp    451
Warning    25    warning C6386: Buffer overrun: accessing 'si.ch', the
writable size is '480' bytes, but '720' bytes might be written: Lines: 349,
355, 356, 358, 359, 362, 364, 365   mp3internals.cpp    365
Warning    27    warning C6385: Invalid data: accessing 'si.ch', the
readable size is '480' bytes, but '720' bytes might be read: Lines: 432,
438, 439, 441, 442, 445, 447, 448    mp3internals.cpp    448
Warning    26    warning C6385: Invalid data: accessing 'si.ch', the
readable size is '480' bytes, but '720' bytes might be read: Lines: 349,
355, 356, 358, 359, 362, 364, 365, 366, 364, 365, 366, 364, 365, 366, 364,
369, 370, 371    mp3internals.cpp    371
Warning    24    warning C6385: Invalid data: accessing
'live_tabsel[isMPEG2]', the readable size is '192' bytes, but '384' bytes
might be read: Lines: 157, 158, 159, 166, 167, 168, 170, 173, 176, 178, 179,
180, 181, 182, 183, 184, 186, 188, 194    mp3internals.cpp    194
Warning    23    warning C6244: Local declaration of 'slen' hides previous
declaration at line '434' of 'mp3internalshuffman.cpp'
mp3internalshuffman.cpp    505
Warning    22    warning C6054: String 'command' might not be
zero-terminated: Lines: 341, 342, 343, 344, 345, 346, 350, 351, 353, 355
mp3internalshuffman.cpp    355
Warning    19    warning C6031: Return value ignored: 'sscanf'
mp3internalshuffman.cpp    353
Warning    20    warning C6031: Return value ignored: 'sscanf'
mp3internalshuffman.cpp    365
Warning    21    warning C6031: Return value ignored: 'sscanf'
mp3internalshuffman.cpp    376
Warning    18    warning C6385: Invalid data: accessing 'hbuf', the readable
size is '3' bytes, but '4' bytes might be read: Lines: 226, 227, 228, 230,
231, 233, 241, 242, 243, 252, 259, 268, 288, 289, 290, 293, 294
mp3streamstate.cpp    294
Warning    16    warning C6385: Invalid data: accessing 'argument 2', the
readable size is '2500' bytes, but '1048556' bytes might be read: Lines:
153, 155, 166, 167, 168, 169, 170, 171, 173    mp3streamstate.cpp    173
Warning    17    warning C6053: Call to '_snprintf' might not zero-terminate
string 'writeBuf': Lines: 201, 203, 204, 205, 206, 212, 215
mp3streamstate.cpp    215
Warning    13    warning C4996: 'fileno': The POSIX name for this item is
deprecated. Instead, use the ISO C++ conformant name: _fileno. See online
help for details.    MP3StreamState.cpp    417

Thanks,

Jeremy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.live555.com/pipermail/live-devel/attachments/20100415/f2517937/attachment-0001.html>

More information about the live-devel mailing list