[vlc-commits] coreaudio: fix play of uninitialized data (loud CRACK)

Thomas Guillem git at videolan.org
Sat Oct 10 00:51:35 CEST 2020 

vlc | branch: master | Thomas Guillem <thomas at gllm.fr> | Thu Oct  8 12:31:20 2020 +0200| [61037b63695182fc2031614ef554d000ce5c9a0d] | committer: Marvin Scholz

coreaudio: fix play of uninitialized data (loud CRACK)

When starting deferred (likely), ca_Render() is filling the output
buffer with 0s (silence) until the requested start time is reached. When
the host time is near the requested start time, the output buffer is
partially filled with 0s, and partially filled with valid data.

In that particular case, the output buffer offset was not updated
causing the valid data to be copied at the beginning of the output
buffer, leaving some uninitialized data at the end of the buffer.

Fixes #25142

Signed-off-by: Marvin Scholz <epirat07 at gmail.com>

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=61037b63695182fc2031614ef554d000ce5c9a0d
---

 modules/audio_output/coreaudio_common.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/modules/audio_output/coreaudio_common.c b/modules/audio_output/coreaudio_common.c
index ac4ff53c50..fd8ee7279d 100644
--- a/modules/audio_output/coreaudio_common.c
+++ b/modules/audio_output/coreaudio_common.c
@@ -176,6 +176,7 @@ ca_Render(audio_output_t *p_aout, uint32_t i_frames, uint64_t i_host_time,
         memset(p_output, 0, i_silence_bytes);
 
         i_requested -= i_silence_bytes;
+        p_output += i_silence_bytes;
 
         /* Start the first rendering */
     }
@@ -188,9 +189,11 @@ ca_Render(audio_output_t *p_aout, uint32_t i_frames, uint64_t i_host_time,
     while (p_block != NULL && i_requested != 0)
     {
         size_t i_tocopy = __MIN(i_requested, p_block->i_buffer);
-        memcpy(&p_output[i_copied], p_block->p_buffer, i_tocopy);
+        memcpy(p_output, p_block->p_buffer, i_tocopy);
         i_requested -= i_tocopy;
         i_copied += i_tocopy;
+        p_output += i_tocopy;
+
         if (i_tocopy == p_block->i_buffer)
         {
             block_t *p_release = p_block;
@@ -215,7 +218,7 @@ ca_Render(audio_output_t *p_aout, uint32_t i_frames, uint64_t i_host_time,
     {
         assert(p_sys->i_out_size == 0);
         p_sys->i_underrun_size += i_requested;
-        memset(&p_output[i_copied], 0, i_requested);
+        memset(p_output, 0, i_requested);
     }
 
     lock_unlock(p_sys);

More information about the vlc-commits mailing list