[Bug 852345] Re: Libdvdread misses hidden files and causes segfaults to calling programs

Launchpad Bug Tracker 852345 at bugs.launchpad.net
Tue Oct 11 08:19:27 UTC 2011


** Branch linked: lp:ubuntu/natty-proposed/libdvdread

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/852345

Title:
  Libdvdread misses hidden files and causes segfaults to calling
  programs

Status in “libdvdread” package in Ubuntu:
  Fix Released
Status in “libdvdread” source package in Natty:
  Fix Committed

Bug description:
  [Impact]
  Program segfaults when reading metadata of DVDs with invalid unicode characters.

  This has been spotted with the quite popular Thor DVD, and several
  duplicate reports indicate it's affecting quite a few people. It's
  unknown if this was an accident (which would be bad enough!) or
  intentional (in which case we can expect more movies to be released
  with this flaw).

  [Development Fix]
  The patch is essentially scanning the upper byte of the two-byte code for unicode16 strings and if it has any non-zero value it blanks out the remainder of the string. In this particular case, this results in an empty string, thus causing the garbage file to be ignored.

  The patch has been slightly modified from the original author's
  version, to clean up the code so the patch will be more maintainable.

  [Stable Fix]
  Oneiric and Natty carry the same version of libdvdread, so the same patch is used in both cases.

  [Test Case]
  1. Buy Thor DVD.
  2. Install and run lsdvd.
  3. Program segfaults.

  With the patch, step #3 produces valid output listing the contents of
  the DVD.

  [Regression Potential]
  Minor. This only affects how unicode characters in filenames on a DVD are handled, and as far as I know DVDs don't tend to use unicode. If they do use unicode, we can expect they'd use valid unicode (which this patch allows through).

  Since uploading the fix for this bug about a week ago, only one bug
  report has been filed against oneiric, and that bug is just a
  duplicate of this one.

  [Original Report]
  Package: libdvdread4
  Version: 4.1.x and others

  No error message, but symptoms are usually segfault when reading, for example the Movie DVD Thor.
  This results from a new anti-copy scheme where the real video_ts.ifo is hidden. Use of the decoy video_ts.ifo results in an unplayable DVD.

  Discussion is here:
  http://ubuntuforums.org/showthread.php?p=11257764

  Patch is here:

  diff -ru libdvdread-4.1.3/src/dvd_udf.c libdvdread-4.1.3.fixed/src/dvd_udf.c
  --- libdvdread-4.1.3/src/dvd_udf.c    2008-09-06 15:55:51.000000000 -0600
  +++ libdvdread-4.1.3.fixed/src/dvd_udf.c    2011-09-16 14:07:04.000000000 -0600
  @@ -331,21 +331,26 @@
   /* This is wrong with regard to endianess */
   #define GETN(p, n, target) memcpy(target,&data[p], n)

  -static int Unicodedecode( uint8_t *data, int len, char *target )
  +static int Unicodedecode(uint8_t *data, int len, char *target)
   {
  -    int p = 1, i = 0;
  +    len--;
  +    data++;
  +    if (data[-1] == 8 )
  +        memcpy(target, data, len);
  +    else if (data[-1] == 16) {
  +        int i;

  -    if( ( data[ 0 ] == 8 ) || ( data[ 0 ] == 16 ) ) do {
  -        if( data[ 0 ] == 16 ) p++;  /* Ignore MSB of unicode16 */
  -        if( p<  len ) {
  -            target[ i++ ] = data[ p++ ];
  +        for (i = 0; i<  len; i++) {
  +            if (data[i*2] == 0)
  +                target[i] = data[i*2+1];
  +            else
  +                target[i] = 0;
           }
  -    } while( p<  len );
  +    }
  +    target[len] = '\0';

  -    target[ i ] = '\0';
       return 0;
   }
  -
   static int UDFDescriptor( uint8_t *data, uint16_t *TagID )
   {
       *TagID = GETN2(0);
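
Review bot: The 16-bit branch of Unicodedecode() uses the wrong loop bound: `for (i = 0; i<  len; i++)` counts characters up to len, but len is the byte length of the input (the 8-bit branch copies exactly len bytes), so `data[i*2+1]` reads up to index 2*len-1, roughly len bytes past the end of the source buffer, and writes twice as many bytes into target as the string holds. The bound should be len/2, with the terminator placed at target[len/2] rather than target[len]. Two more cases need a guard in the same function: when the leading type byte is neither 8 nor 16, nothing is written before `target[len] = '\0'`, so the caller sees uninitialised bytes where the removed code returned an empty string (i stayed 0); and a len of 0 on entry becomes -1 after `len--`, which makes `target[len]` a write before the buffer and the memcpy length negative. Checking len > 0 up front and setting target[0] = '\0' for an unknown type byte would cover both.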

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libdvdread/+bug/852345/+subscriptions


