Hi! I experienced crashes with aplay from alsa-*-0.9.0beta12 when playing a .wav file. I tracked it down to the snd_pcm_plugin_write_areas function in pcm/pcm_plugin.c of libasound.
The result variable in the loop can get larger than size. It is subtracted from size but since size is unsigned it will wrap around to an insanely high value and either loop forever or eventually crash. The reason for this behaviour seems to be that slave_frames can get bigger than frames due to some resampling being done in the function snd_pcm_rate_expand in pcm/pcm_rate.c. I patched the snd_pcm_plugin_write_areas function by not allowing more than frames to be subtracted from size. This fixed the crash but I am now experiencing some garbage being played at the end of the .wav. Any ideas? -- Markus _______________________________________________ Alsa-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/alsa-devel
