Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

fedora 24
obsolete weakness #267

1

Weakness Breakdown


Definition:

An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:

Ardour-5.10.0/libs/backends/portaudio/portaudio_backend.cc

Context:

The highlighted line of code below is the trigger point of this particular Fedora 24 obsolete weakness.

 	}

	process_port_connection_changes();

	return blocking_process_main (input, output);
}

bool
PortAudioBackend::start_blocking_process_thread ()
{
	if (_realtime_pthread_create (SCHED_FIFO, -20, 100000,
				&_main_blocking_thread, blocking_thread_func, this))
	{
		if (pthread_create (&_main_blocking_thread, NULL, blocking_thread_func, this))
		{
			DEBUG_AUDIO("Failed to create main audio thread\n");
			_run = false;
			return false;
		} else {
			PBD::warning << get_error_string(AquireRealtimePermissionError) << endmsg;
		}
	}

	int timeout = 5000;
	while (!_active && --timeout > 0) { Glib::usleep (1000); }

	if (timeout == 0 || !_active) {
		DEBUG_AUDIO("Failed to start main audio thread\n");
		_pcmio->close_stream();
		_run = false;
		unregister_ports();
		_active = false;
		return false;
	}
	return true;
}

bool
PortAudioBackend::stop_blocking_process_thread ()
{
	void *status;

	if (pthread_join (_main_blocking_thread, &status)) {
		DEBUG_AUDIO("Failed to stop main audio thread\n");
		return false;
	}

	return true;
}
 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.