Valgrind invalid read error in usb_parse_descriptor()
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
libusb (Ubuntu) | New | Undecided | Unassigned | |
Bug Description
Using lucid beta2, calling LIBMTP_
small testcase:
"#include <libmtp.h>
int main (int argc, char **argv) {
int num_raw_devices;
LIBMTP_
LIBMTP_
}
"
Corresponding valgrind log:
"==12975== Invalid read of size 1
==12975== at 0x4085E08: usb_parse_
==12975== by 0x40860BF: usb_parse_
==12975== by 0x4087FF5: usb_os_find_devices (linux.c:512)
==12975== by 0x4085791: usb_find_devices (usb.c:98)
==12975== by 0x40602FD: init_usb (libusb-glue.c:147)
==12975== by 0x4062148: LIBMTP_
==12975== by 0x8048510: main (devices.c:6)
==12975== Address 0x422f109 is 0 bytes after a block of size 193 alloc'd
==12975== at 0x4024F20: malloc (vg_replace_
==12975== by 0x4087F8E: usb_os_find_devices (linux.c:489)
==12975== by 0x4085791: usb_find_devices (usb.c:98)
==12975== by 0x40602FD: init_usb (libusb-glue.c:147)
==12975== by 0x4062148: LIBMTP_
==12975== by 0x8048510: main (devices.c:6)"
One rhythmbox bug example is bug #555885, which has similar valgrind errors.
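An added example, not libusb's code and not part of the original report: valgrind's "Invalid read of size 1 ... 0 bytes after a block of size 193" means the byte directly past the end of the heap buffer was read. The sketch below shows one way a descriptor walker can avoid that, by checking that a full two-byte header remains before reading it. The function names, the buffer contents and the assumed cause (a header read with only one byte left) are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define DESC_HDR_LEN 2 /* bLength + bDescriptorType */

/* Hypothetical helper (not a libusb function): count the descriptors packed
 * in buf[0..len); return -1 if the data is truncated or malformed. */
int count_descriptors(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int count = 0;
    while (off < len) {
        /* An unchecked parser would read buf[off + 1] here; with one byte
         * left that is buf[len], the byte directly after the allocation. */
        if (len - off < DESC_HDR_LEN)
            return -1;
        uint8_t blen = buf[off];
        /* Too small would stall the loop; too large would overrun buf. */
        if (blen < DESC_HDR_LEN || blen > len - off)
            return -1;
        count++;
        off += blen;
    }
    return count;
}

/* Constructed sample: 24 eight-byte descriptors (192 bytes) plus one stray
 * byte, matching the 193-byte block size in the log. Caller frees. */
uint8_t *make_sample(size_t *len)
{
    uint8_t *buf = calloc(1, 193);
    if (!buf) return NULL;
    for (size_t off = 0; off < 192; off += 8) {
        buf[off] = 8;        /* bLength */
        buf[off + 1] = 0x05; /* bDescriptorType (constructed value) */
    }
    buf[192] = 7; /* lone byte that looks like the start of a header */
    *len = 193;
    return buf;
}

int main(void)
{
    size_t len = 0;
    uint8_t *buf = make_sample(&len);
    if (!buf) return 1;
    printf("%d %d\n", count_descriptors(buf, 192), count_descriptors(buf, len));
    free(buf);
    return 0;
}
```

Running the walker under valgrind with the full 193-byte sample reports no invalid read, because the trailing byte is rejected before its header is dereferenced.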