aboutsummaryrefslogtreecommitdiff
path: root/audio
diff options
context:
space:
mode:
authorPeng Hao <peng.hao2@zte.com.cn>2017-07-15 22:14:21 +0800
committerGerd Hoffmann <kraxel@redhat.com>2017-07-17 11:08:59 +0200
commitfacd0e97737a41b0bed072a95dcc3eb863c7667f (patch)
tree6fa4c8a6f0888395e1a7e58fb615e7dfc0b96d6c /audio
parent6e2c46334385c7e295ac883c801c81b4925fb54f (diff)
downloadqemu-facd0e97737a41b0bed072a95dcc3eb863c7667f.zip
qemu-facd0e97737a41b0bed072a95dcc3eb863c7667f.tar.gz
qemu-facd0e97737a41b0bed072a95dcc3eb863c7667f.tar.bz2
audio: st_rate_flow exist a infinite loop
If a voice recording equipment is opened for a long time(several days) in windows guest, rate->ipos will overflow and rate->opos will never have a chance to change. It will result to a infinite loop. Signed-off-by: Peng Hao <peng.hao2@zte.com.cn> Signed-off-by: Wang Yechao <wang.yechao255@zte.com.cn> Message-id: 1500128061-20849-1-git-send-email-peng.hao2@zte.com.cn Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Diffstat (limited to 'audio')
-rw-r--r--audio/rate_template.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/audio/rate_template.h b/audio/rate_template.h
index bd4b1c7..6e93588 100644
--- a/audio/rate_template.h
+++ b/audio/rate_template.h
@@ -71,6 +71,12 @@ void NAME (void *opaque, struct st_sample *ibuf, struct st_sample *obuf,
while (rate->ipos <= (rate->opos >> 32)) {
ilast = *ibuf++;
rate->ipos++;
+
+ /* if ipos overflow, there is a infinite loop */
+ if (rate->ipos == 0xffffffff) {
+ rate->ipos = 1;
+ rate->opos = rate->opos & 0xffffffff;
+ }
/* See if we finished the input buffer yet */
if (ibuf >= iend) {
goto the_end;