From fbf05b8793e85f76f79eed1a0d130217cb53ff55 Mon Sep 17 00:00:00 2001 From: Chris Tallon Date: Thu, 30 Mar 2017 18:20:45 +0100 Subject: [PATCH] Fix segfault when using subtitles The segfault occurs in pthread_exit which points at memory corruption... The problem: Play live/recording, switch subtitles on. No subtitle packets arrive from the demuxer (a channel without subtitles or just a part of a programme with no dialogue). Navigate or stop (anything to switch from playing to stopped). cTimeMs returns a small positive integer because it has never been initialised with anything other than 0. This value is negated inside an unsigned creating a very large number for "wakeup" which causes targetTime to overflow to a negative number. This is supplied to pthread_cond_timedwait which causes the spin. Something about this situation causes pthread_exit to segfault when DVBSubtitles->threadStop() is called. Also fixed missing else brackets in cTimeMs constructor. --- dvbsubtitles.cc | 7 +++++++ dvbsubtitles.h | 1 + 2 files changed, 8 insertions(+) diff --git a/dvbsubtitles.cc b/dvbsubtitles.cc index 316e403..5351b6f 100644 --- a/dvbsubtitles.cc +++ b/dvbsubtitles.cc @@ -37,11 +37,15 @@ cTimeMs::cTimeMs(int Ms) { + initted = false; + if (Ms >= 0) Set(Ms); else + { begin = 0; isFirstCheck = false; + } } uint64_t cTimeMs::Now(void) @@ -59,6 +63,8 @@ void cTimeMs::Set(int Ms) { isFirstCheck = true; // Timer set, the first check can be done once begin = Now() + Ms; + + if (Ms) initted = true; } bool cTimeMs::TimedOut(void) @@ -74,6 +80,7 @@ bool cTimeMs::TimedOut(void) uint64_t cTimeMs::Elapsed(void) { + if (!initted) return 0; return Now() - begin; } diff --git a/dvbsubtitles.h b/dvbsubtitles.h index 701bf9e..d268169 100644 --- a/dvbsubtitles.h +++ b/dvbsubtitles.h @@ -48,6 +48,7 @@ class cTimeMs { void Set(int Ms = 0); bool TimedOut(void); uint64_t Elapsed(void); + bool initted; }; class OSDReceiver; -- 2.39.2