Valgrind invalid read error in usb_parse_descriptor()

Bug #557620 reported by Sebastien Bacher
This bug affects 1 person
Affects          Status   Importance  Assigned to  Milestone
libusb (Ubuntu)  Invalid  Low         Unassigned

Bug Description

Using Lucid beta2, calling LIBMTP_Detect_Raw_Devices() leads to crashes in Rhythmbox; valgrind shows an invalid read error in the libusb code.

Small testcase:

"#include <libmtp.h>

int main (int argc, char **argv) {
    int num_raw_devices;
    LIBMTP_raw_device_t *raw_devices;
    LIBMTP_Detect_Raw_Devices (&raw_devices, &num_raw_devices); /* call that triggers the invalid read */
    return 0;
}"

Corresponding valgrind log:

"==12975== Invalid read of size 1
==12975== at 0x4085E08: usb_parse_descriptor (descriptors.c:42)
==12975== by 0x40860BF: usb_parse_configuration (descriptors.c:238)
==12975== by 0x4087FF5: usb_os_find_devices (linux.c:512)
==12975== by 0x4085791: usb_find_devices (usb.c:98)
==12975== by 0x40602FD: init_usb (libusb-glue.c:147)
==12975== by 0x4062148: LIBMTP_Detect_Raw_Devices (libusb-glue.c:441)
==12975== by 0x8048510: main (devices.c:6)
==12975== Address 0x422f109 is 0 bytes after a block of size 193 alloc'd
==12975== at 0x4024F20: malloc (vg_replace_malloc.c:236)
==12975== by 0x4087F8E: usb_os_find_devices (linux.c:489)
==12975== by 0x4085791: usb_find_devices (usb.c:98)
==12975== by 0x40602FD: init_usb (libusb-glue.c:147)
==12975== by 0x4062148: LIBMTP_Detect_Raw_Devices (libusb-glue.c:441)
==12975== by 0x8048510: main (devices.c:6)"

Sebastien Bacher (seb128) wrote :

duplicate bug opening

Changed in libusb (Ubuntu):
importance: Undecided → Low
status: New → Invalid