[
https://issues.apache.org/jira/browse/GUACAMOLE-240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15930462#comment-15930462
]
Michael Jumper commented on GUACAMOLE-240:
------------------------------------------
To answer the question of how this could possibly have worked before, there
were four cases which occurred previously:
# {{guac_pa_stream*}} used as {{guac_pa_stream*}} (clearly OK)
# {{guac_client*}} used as {{guac_client*}} (inconsistent but clearly OK)
# {{guac_pa_stream*}} used as {{guac_client*}} (BAD!)
# {{guac_pa_stream*}} cast to {{guac_client*}} and passed to another callback
which ultimately used it as {{guac_pa_stream*}} anyway (not OK, but clearly
would work)
In the "BAD!" case above, the only usages of {{guac_pa_stream*}} as a
{{guac_client*}} were through calls to {{guac_client_log()}}. This definitely
will segfault, but apparently often didn't in practice due to the likelihood of
{{((guac_client*) not_actually_guac_client)->log_handler}} happening to be NULL.
> Wrong structures passed to PulseAudio callbacks
> -----------------------------------------------
>
> Key: GUACAMOLE-240
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-240
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-server
> Affects Versions: 0.9.12-incubating
> Reporter: Michael Jumper
> Assignee: Michael Jumper
> Priority: Blocker
> Fix For: 0.9.12-incubating
>
>
> The arbitrary data provided for callbacks given to the PulseAudio library are
> supposed to all be {{guac_pa_stream*}} ... but this is not the case. Several
> of these callbacks are given pointers to {{guac_client}}, and others continue
> to cast to {{guac_client*}} even though they are actually given
> {{guac_pa_stream*}}. This leads to segfaults when those callbacks are invoked.
> *NOTE:* This is a regression due to GUACAMOLE-179.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
