Menu
▾
▴
#363 sox segfaults when parsing CLI options
14.4.2_p20210509-r1 here
Starting program: /usr/bin/play -V -V --norm /home/l29ah/music/infected.mka
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7d8cb59 in __strlen_avx2 () from /lib64/libc.so.6
(gdb) bt
#0 0x00007ffff7d8cb59 in __strlen_avx2 () from /lib64/libc.so.6
#1 0x00007ffff7cd9b6e in strdup () from /lib64/libc.so.6
#2 0x00007ffff7f09f19 in lsx_strdup (s=<optimized out>) at xmalloc.c:72
#3 0x000055555555e275 in parse_gopts_and_fopts (f=f@entry=0x7fffffffd650) at sox.c:2348
#4 0x00005555555601eb in parse_options_and_filenames (argc=argc@entry=5, argv=argv@entry=0x7fffffffdc08) at sox.c:2632
#5 0x0000555555558893 in main (argc=5, argv=0x7fffffffdc08) at sox.c:2864
I can confirm this happens on macOS with the latest git.
It does not happen when the --norm has an argument, as in --norm=-3
The culprit is the norm_level = lsx_strdup(optstate.arg) call
in parse_gopts_and_fopts() under case 19 - looking at lsx_strdup in src/xmalloc.c,
it simply returns lsx_checkptr(strdup(s)); but strdup(NULL) will already segfault,
because strlen(NULL) will segfault.
(The whole sox options parsing is a mess.)
Last edit: Jan Starý 2023-02-08
I can confirm this happens on Arch Linux Arm (aarch64). Using --norm=-3 succeeds as a workaround for me as well.
sox --norm input.oga output.oga
[1] 15349 segmentation fault sox --norm
gdb sox
run --norm input.oga output.oga
Absent in 14.4.2; present only in 42b355 and current git master