Chris Rankin wrote:
> --- Hans-Dieter Kosch <hdkosch@...> wrote:
>>>The other problem is in _kbindings_free_bindings() in src/xitk/kbindings_common.c, but I'm
>>>still trying to track that one down.
>>Investigation in progress.
> This seems to be related to my .xine/keymap file; I have deleted it so that xine could regenerate
> it, and it is now considerably smaller. But the basic premise is that too many entries in this
> keymap file causes an overflow and massive heap corruption.
I exactly experienced the same and found the reason meanwhile: The
'is_alias' members of the binding entries were not initialized and could
be set by chance. So, original entries appeared as aliases (what's wrong
per se), were saved, and added upon each loading of the keymap file,
causing the file and table to grow beyond all bounds. This also caused
an endless list of redundancy warnings at startup of xine-ui.
Interesting: This bug seems to exist from the beginning. It was never
obvious until reorganization of the kbindings source now. We were lucky
so far and had null in memory at the place of 'is_alias'; now, due to
different memory layout, this bug has come to light.
Patch prepared, will be committed this weekend, protection against array
overflow included too.