From patchwork Tue Jul 19 16:25:12 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bob Ross X-Patchwork-Id: 989222 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.4) with ESMTP id p6JGOsUs023263 for ; Tue, 19 Jul 2011 16:24:55 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751358Ab1GSQYx (ORCPT ); Tue, 19 Jul 2011 12:24:53 -0400 Received: from mailout-us.gmx.com ([74.208.5.67]:36833 "HELO mailout-us.gmx.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with SMTP id S1750829Ab1GSQYw (ORCPT ); Tue, 19 Jul 2011 12:24:52 -0400 Received: (qmail invoked by alias); 19 Jul 2011 16:24:50 -0000 Received: from cpe-70-113-126-162.austin.res.rr.com (EHLO atom.pigiron.org) [70.113.126.162] by mail.gmx.com (mp-us004) with SMTP; 19 Jul 2011 12:24:50 -0400 X-Authenticated: #53258690 X-Provags-ID: V01U2FsdGVkX19R5q8AWa9RboOsz7DMllm4mayabvLs50KpVR6MhA aU3/IvVUHQ0wHk Date: Tue, 19 Jul 2011 11:25:12 -0500 From: Bob Ross To: linux-media@vger.kernel.org Cc: Christoph Pfister , Mauro Carvalho Chehab Subject: [PATCH] dvb-apps: Fix atsc_epg crash when title text length is zero Message-ID: <20110719112512.54a63157@atom.pigiron.org> X-Mailer: Claws Mail 3.7.9 (GTK+ 2.24.5; i686-pc-linux-gnu) Mime-Version: 1.0 X-Y-GMX-Trusted: 0 Sender: linux-media-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-media@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter1.kernel.org [140.211.167.41]); Tue, 19 Jul 2011 16:24:55 +0000 (UTC) The ATSC A/65C standard (in Section 6.5) allows the "title_length" field in the Event Information Table (EIT) to be set to zero, but the "atsc_epg" program crashes with the following backtrace if that happens: Core was generated by `./atsc_epg -t -f 521000000'. Program terminated with signal 11, Segmentation fault. #0 0x080484b2 in atsc_text_strings_first (txt=0x0) at ../../lib/libucsi/atsc/types.h:174 174 if (txt->number_strings == 0) (gdb) bt #0 0x080484b2 in atsc_text_strings_first (txt=0x0) at ../../lib/libucsi/atsc/types.h:174 #1 0x08049670 in parse_events (curr_info=0x811bd4c, eit=0xbfcd0d78, section=0x8302710) at atsc_epg.c:647 #2 0x08049be6 in parse_eit (dmxfd=4, index=1, pid=7425) at atsc_epg.c:806 #3 0x0804aa39 in main (argc=4, argv=0xbfcd1ee4) at atsc_epg.c:1197 This patch simply skips parsing title text data if title_length is zero. Signed-off-by: Bob Ross --- util/atsc_epg/atsc_epg.c | 2 ++ 1 file changed, 2 insertions(+) -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff -uprN dvb-apps.orig/util/atsc_epg/atsc_epg.c dvb-apps/util/atsc_epg/atsc_epg.c --- dvb-apps.orig/util/atsc_epg/atsc_epg.c 2011-07-01 20:32:30.000000000 -0500 +++ dvb-apps/util/atsc_epg/atsc_epg.c 2011-07-08 17:32:43.000000000 -0500 @@ -644,6 +644,8 @@ static int parse_events(struct atsc_chan } title = atsc_eit_event_name_title_text(e); + if (title == NULL) + continue; atsc_text_strings_for_each(title, str, j) { struct atsc_text_string_segment *seg;