Bug 251044
| Summary: | Fix clang-tidy bugprone-infinite-loop warnings in WebCore::AudioSampleDataSource::pullAvailableSamplesAsChunks() | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | David Kilzer (:ddkilzer) <ddkilzer> |
| Component: | Media | Assignee: | David Kilzer (:ddkilzer) <ddkilzer> |
| Status: | NEW | ||
| Severity: | Normal | CC: | webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
David Kilzer (:ddkilzer)
Fix clang-tidy bugprone-infinite-loop warnings in WebCore::AudioSampleDataSource::pullAvailableSamplesAsChunks().
In `Source/WebCore/platform/audio/cocoa/AudioSampleDataSource.mm`, the following `while()` loops can result in infinite loops if `sampleCountPerChunk` is zero (since there is no check that `sampleCountPerChunk` is non-zero):
```
bool AudioSampleDataSource::pullAvailableSamplesAsChunks(AudioBufferList& buffer, size_t sampleCountPerChunk, uint64_t timeStamp, Function<void()>&& consumeFilledBuffer)
{
[...]
if (m_muted) {
AudioSampleBufferList::zeroABL(buffer, sampleCountPerChunk * m_outputDescription->bytesPerFrame());
while (endFrame - startFrame >= sampleCountPerChunk) {
consumeFilledBuffer();
startFrame += sampleCountPerChunk;
}
return true;
}
while (endFrame - startFrame >= sampleCountPerChunk) {
m_ringBuffer->fetch(&buffer, sampleCountPerChunk, startFrame, CARingBuffer::Copy);
consumeFilledBuffer();
startFrame += sampleCountPerChunk;
}
return true;
}
```
<https://github.com/WebKit/WebKit/blob/main/Source/WebCore/platform/audio/cocoa/AudioSampleDataSource.mm#L317>
Found by clang static analyzer.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/104575403>
David Kilzer (:ddkilzer)
Pull request: https://github.com/WebKit/WebKit/pull/9001