76874 – xmms charset handling

Bug 76874 - xmms charset handling

Summary: xmms charset handling

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All All

Importance:	High normal (vote)
Assignee:	Gentoo Linux bug wranglers

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-01-06 04:21 UTC by Stian Skjelstad
Modified:	2006-01-12 03:08 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stian Skjelstad 2005-01-06 04:21:19 UTC

I'm working on up-porting xmms to gtk2, when I stumbled across some bad things that needs confirmation. When decoding russian charsets in libxmms, buffers are allocated with g_malloc() like functions, but free'd with free() in playlist code a couple of places.

Wouldn't it be possible to create "bad" russian filenames and craft them to skip the first characters, and when free() is called on them, glibc stores the heap-information in-front of the pointer as far as I know.

Comment 1 Stian Skjelstad 2005-01-07 07:58:17 UTC

xmms-1.2.10-r9 fixes this issue, but this version is masked.

Comment 2 Stefan Cornelius (RETIRED) gentoo-dev

2006-01-12 03:08:42 UTC

fixed packages are in portage.