Details
Bug
Resolution: Done
P2: Important
5.8.0, 5.9.0
Android
gcc 4.9
Description
We were investigating weird crashes of our app and it led us to discovering a bug in OpenSLES audio plugin in Qt Multimedia.
File qopenslesaudioinput.cpp has a method flushBuffers which contains the following code:
```cpp
if (delta > 0)
    writeDataToDevice(m_buffers[m_currentBuffer].constData(), m_format.bytesForDuration(delta));
```
but it may so happen (and it was happening from time to time in our app), that `m_format.bytesForDuration(delta)` is larger than the QByteArray containing the data.
`writeDataToDevice` does `QByteArray::append(data, size);` so it's obvious that the size cannot be larger than the data stored under the pointer passed to this function.
We've fixed this issue by simply changing these lines to:
```cpp
if (delta > 0)
    writeDataToDevice(m_buffers[m_currentBuffer].constData(), std::min(m_buffers[m_currentBuffer].size(), m_format.bytesForDuration(delta)));
```
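The over-read described in this report, reduced to a stand-alone C++ sketch. This is an added example, not code from Qt or from the reporter. `PcmFormat`, `flushLength` and `flushToSink` are hypothetical stand-ins, and the 48 kHz stereo 16-bit format and 4096-byte buffer are constructed values.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical stand-in for the audio format; not Qt's QAudioFormat.
struct PcmFormat {
    int sampleRate;      // frames per second
    int channels;
    int bytesPerSample;

    // Bytes needed to hold `durationUs` microseconds of audio.
    std::int64_t bytesForDuration(std::int64_t durationUs) const {
        if (durationUs <= 0) return 0;
        std::int64_t frames = durationUs * sampleRate / 1000000;
        return frames * channels * bytesPerSample;
    }
};

// Number of bytes that may be read from a buffer holding `available` bytes.
// The duration-derived length is independent of the buffer's size, so it is
// clamped here; both operands are compared in one unsigned 64-bit type.
std::size_t flushLength(std::size_t available, const PcmFormat &fmt,
                        std::int64_t deltaUs) {
    std::int64_t wanted = fmt.bytesForDuration(deltaUs);
    if (wanted <= 0) return 0;
    return static_cast<std::size_t>(std::min<std::uint64_t>(
        available, static_cast<std::uint64_t>(wanted)));
}

// Hypothetical sink mirroring an append(data, size) call: copies n bytes.
std::size_t flushToSink(const std::vector<char> &buf, const PcmFormat &fmt,
                        std::int64_t deltaUs, std::vector<char> &sink) {
    std::size_t n = flushLength(buf.size(), fmt, deltaUs);
    sink.insert(sink.end(), buf.begin(), buf.begin() + n);
    return n;
}

int main() {
    PcmFormat fmt{48000, 2, 2};      // constructed sample format
    std::vector<char> buf(4096, 0);  // constructed capture buffer
    std::vector<char> sink;
    // 25 ms is 1200 frames, i.e. 4800 bytes requested from a 4096-byte buffer.
    std::size_t n = flushToSink(buf, fmt, 25000, sink);
    return n == buf.size() ? 0 : 1;
}
```

Without the clamp in `flushLength`, the 25 ms case would read 704 bytes past the end of the buffer.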