Hello all,
attached is a patch for the iLBC third party library (part of the source code of pjproject).
SOme more background about the issue: I just compiled pjsip for the Raspberry Pi. While pjsip in general was running fine, I always had a weird issue that the sound would become distorted when the phone call lasted longer than ~30 seconds. This issue happened only when the iLBC codec was used. I suspected that memory corruption was the culprit and compiled pjsip and my application with address sanitizer, a tool similar to valgrind to detect memory access errors. I got output like this:
==3210==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x6f5fd020,0x6f5fd1cc) and [0x6f5fd0c0, 0x6f5fd26c) overlap
#0 0x59e37 in __interceptor_memcpy.part.36 (/home/pi/projects/sip/pjsip/simple_pjsua/simple_pjsua+0x59e37)
#1 0x4dc79f in iLBC_encode ../../ilbc/iLBC_encode.c:311
#2 0x2c7693 in ilbc_codec_encode ../src/pjmedia-codec/ilbc.c:754
#3 0x3316f7 in pjmedia_codec_encode ../include/pjmedia/codec.h:1069
The issue is that iLBC sometimes uses memcpy() even when the source and the target storage overlap. This causes undefined behaviour and "memmove()" should be used in such cases (instead of memcpy()). After I fixed the source code sp that "memmove()" is used instead of "memcpy()", this problem with the distorted sound vanished and I could use the iLBC codec without issues. So the wrong use of "memcpy()" is what caused the distorted audio in the first place. The attached patch fixes the problem. I also did some googling and found out that the same issue has been found and patched in the Asterisk source code as well (already back in 2012). Have a look at https://issues.asterisk.org/jira/browse/ASTERISK-20231 . The Asterisk issue also has a patch attached to it, which is very similar to my own.
Could you please apply my attached patch to fix this problem?
Thank you very much in advance!
Kind regards,
ChristianIndex: third_party/ilbc/iLBC_decode.c
===================================================================
--- third_party/ilbc/iLBC_decode.c (revision 5794)
+++ third_party/ilbc/iLBC_decode.c (working copy)
@@ -251,7 +251,7 @@
/* update memory */
- memcpy(mem, mem+SUBL, (CB_MEML-SUBL)*sizeof(float));
+ memmove(mem, mem+SUBL, (CB_MEML-SUBL)*sizeof(float));
memcpy(mem+CB_MEML-SUBL,
@@ -299,7 +299,7 @@
/* update memory */
- memcpy(mem, mem+SUBL, (CB_MEML-SUBL)*sizeof(float));
+ memmove(mem, mem+SUBL, (CB_MEML-SUBL)*sizeof(float));
memcpy(mem+CB_MEML-SUBL,
&reverseDecresidual[subframe*SUBL],
SUBL*sizeof(float));
Index: third_party/ilbc/iLBC_encode.c
===================================================================
--- third_party/ilbc/iLBC_encode.c (revision 5794)
+++ third_party/ilbc/iLBC_encode.c (working copy)
@@ -308,7 +308,7 @@
/* update memory */
- memcpy(mem, mem+SUBL, (CB_MEML-SUBL)*sizeof(float));
+ memmove(mem, mem+SUBL, (CB_MEML-SUBL)*sizeof(float));
memcpy(mem+CB_MEML-SUBL,
@@ -386,7 +386,7 @@
/* update memory */
- memcpy(mem, mem+SUBL, (CB_MEML-SUBL)*sizeof(float));
+ memmove(mem, mem+SUBL, (CB_MEML-SUBL)*sizeof(float));
memcpy(mem+CB_MEML-SUBL,
&reverseDecresidual[subframe*SUBL],
SUBL*sizeof(float));
_______________________________________________
Visit our blog: http://blog.pjsip.org
pjsip mailing list
pjsip@xxxxxxxxxxxxxxx
http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
