[PD-dev] [ pure-data-Patches-1848356 ] streamin/streamout doc updates, bugs, and a security issue

SourceForge.net noreply at sourceforge.net
Tue Dec 11 04:29:25 CET 2007


Patches item #1848356, was opened at 2007-12-10 21:29
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=478072&aid=1848356&group_id=55736

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: externals
Group: None
Status: Open
Resolution: None
Priority: 5
Private: Yes
Submitted By: Russell Bryant (russellbryant)
Assigned to: Nobody/Anonymous (nobody)
Summary: streamin/streamout doc updates, bugs, and a security issue

Initial Comment:
This issue has been marked private as it includes details on a remotely exploitable buffer overflow vulnerability in the code for [streamin~].

A while ago, I was looking around at different options for streaming audio in and out of Pd.  I spent a short time looking at the code for [streamin~] and [streamout~].  I ended up not using them for my project.  However, I made this set of changes while looking at the code.

Since I moved on to something else, these changes aren't exactly complete, but point out some important things, so I think they may be worth putting in as is.

Here is a summary of the changes that are included.

stream.h changes:

1) doxygen style documentation updates

2) added an ifdef to protect against multiple or recursive inclusion of the header

3) Documentation of some of the fields in the data structures

4) Fixed potential alignment bugs by adding the packed attribute for the structure that defines frame headers.  This attribute should always be used when it is used to directly interpret data from the network or when used to prepare data to send directly over the network.  This section of the gcc manual has a tidbit about the attribute:

http://gcc.gnu.org/onlinedocs/gcc-4.2.2/gcc/Variable-Attributes.html#Variable%20Attributes

5) Point out the fact that the code is not endianness-safe.  The code should eventually be updated to respect network byte order.

6) Point out that the version field of the frame header is ignored when parsing incoming frames.  It should eventually be checked, but doesn't matter much until the format gets changed such that the version number gets bumped.

7) Change a list of #defines to an enum, for the sake of better coding practice.

8) Change the use of "int" in the frame header structure to explicitly list that the field is 32 bits by using the int32_t type.


streamin~.c changes:

1) Fix a remotely exploitable buffer overflow that would allow remote execution of arbitrary code.  The frame header includes 4 bytes to specify the frame length.  However, the code only allocates enough space for the frame header and 256 bytes of payload data.  The size portion of the frame header was not checked to ensure that its value was valid.  This little hack should fix it.

----------------------------------------------------------------------
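As an added example, not code from the patch or from the streamin~/streamout~ sources, the following C sketch shows the shape of the fixes the report describes: a packed frame header made of int32_t fields, conversion to and from network byte order, a checked version field, an enum in place of a list of #defines, and a bounds check on the 32-bit length field before any payload is copied into the fixed 256-byte receive buffer. The header field names (version, format, length), the 12-byte layout, the version constant and the sample frames are assumptions made for this illustration; the real header in stream.h may look different.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>   /* htonl / ntohl: network byte order conversion */

#define STREAM_PROTO_VERSION 1     /* assumed current wire version */
#define STREAM_MAX_PAYLOAD   256   /* payload bytes the receiver allocates, per the report */

/* Assumed frame header: three 32-bit fields, all in network byte order on the wire.
 * The packed attribute keeps the in-memory layout identical to the wire layout (12 bytes). */
typedef struct __attribute__((packed)) {
    int32_t version;
    int32_t format;   /* assumed codec/format tag */
    int32_t length;   /* payload bytes that follow the header; attacker-controlled */
} stream_frame_header_t;

/* Receiver-side frame with a fixed payload buffer, as [streamin~] allocates it. */
typedef struct {
    stream_frame_header_t hdr;              /* host byte order once parsed */
    unsigned char data[STREAM_MAX_PAYLOAD];
} stream_frame_t;

/* Result codes as an enum rather than a list of #defines. */
typedef enum {
    STREAM_OK = 0,
    STREAM_ERR_TRUNCATED,   /* buffer shorter than the header or than the declared payload */
    STREAM_ERR_VERSION,     /* version field is not one this parser understands */
    STREAM_ERR_LENGTH       /* declared length is negative or exceeds the receive buffer */
} stream_status_t;

size_t stream_header_wire_size(void) { return sizeof(stream_frame_header_t); }

/* Write a raw header in network byte order. Deliberately unvalidated so that
 * a hostile length value can be constructed for testing the parser. */
void stream_encode_header(unsigned char *buf, int32_t version, int32_t format, int32_t length)
{
    stream_frame_header_t h;
    h.version = (int32_t)htonl((uint32_t)version);
    h.format  = (int32_t)htonl((uint32_t)format);
    h.length  = (int32_t)htonl((uint32_t)length);
    memcpy(buf, &h, sizeof h);
}

/* Sender side: build a complete frame, refusing payloads the receiver could not hold. */
size_t stream_build_frame(unsigned char *buf, size_t buflen, int32_t format,
                          const unsigned char *payload, size_t payload_len)
{
    if (payload_len > STREAM_MAX_PAYLOAD || buflen < sizeof(stream_frame_header_t) + payload_len)
        return 0;
    stream_encode_header(buf, STREAM_PROTO_VERSION, format, (int32_t)payload_len);
    memcpy(buf + sizeof(stream_frame_header_t), payload, payload_len);
    return sizeof(stream_frame_header_t) + payload_len;
}

/* Receiver side: validate the header before a single payload byte is copied. */
stream_status_t stream_parse_frame(const unsigned char *buf, size_t len, stream_frame_t *out)
{
    stream_frame_header_t raw;
    if (len < sizeof raw)
        return STREAM_ERR_TRUNCATED;
    memcpy(&raw, buf, sizeof raw);   /* memcpy, not a pointer cast: wire bytes may be unaligned */

    int32_t version = (int32_t)ntohl((uint32_t)raw.version);
    int32_t format  = (int32_t)ntohl((uint32_t)raw.format);
    int32_t length  = (int32_t)ntohl((uint32_t)raw.length);

    if (version != STREAM_PROTO_VERSION)
        return STREAM_ERR_VERSION;
    /* The check the report says was missing: bound the 32-bit length by the fixed buffer. */
    if (length < 0 || (size_t)length > STREAM_MAX_PAYLOAD)
        return STREAM_ERR_LENGTH;
    if ((size_t)length > len - sizeof raw)
        return STREAM_ERR_TRUNCATED;

    out->hdr.version = version;
    out->hdr.format  = format;
    out->hdr.length  = length;
    memcpy(out->data, buf + sizeof raw, (size_t)length);
    return STREAM_OK;
}

/* Constructed scenario: encode a header with the given fields into a 64-byte
 * zero-filled buffer and report how the parser treats it. */
stream_status_t stream_probe(int32_t version, int32_t length, size_t wire_len)
{
    unsigned char wire[64] = {0};
    stream_frame_t f;
    if (wire_len > sizeof wire) wire_len = sizeof wire;
    stream_encode_header(wire, version, 7, length);
    return stream_parse_frame(wire, wire_len, &f);
}

/* Constructed round trip: returns the parsed length when sender and receiver agree, -1 otherwise. */
int32_t stream_roundtrip(void)
{
    unsigned char wire[64];
    const unsigned char payload[4] = {1, 2, 3, 4};   /* constructed sample payload */
    stream_frame_t f;
    size_t n = stream_build_frame(wire, sizeof wire, 7, payload, sizeof payload);
    if (n != sizeof(stream_frame_header_t) + sizeof payload) return -1;
    if (stream_parse_frame(wire, n, &f) != STREAM_OK) return -1;
    if (f.hdr.format != 7 || memcmp(f.data, payload, sizeof payload) != 0) return -1;
    return f.hdr.length;
}
```

Two design points worth noting: the header is copied out of the receive buffer with memcpy rather than read through a cast pointer, so the packed layout never produces an unaligned load on strict architectures, and the length is rejected both when it exceeds the 256-byte buffer and when it exceeds the bytes actually received, so a frame can never be accepted on the strength of its own size field.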
