[FFmpeg-devel] Bugreport: PAFF crashes ffplay, more info than older report, appendix

Michael Niedermayer michaelni
Thu May 3 17:08:50 CEST 2007


Hi

On Thu, May 03, 2007 at 03:05:46PM +0200, Thorsten Jordan wrote:
> Hello developers,
> 
> sorry, the reply-to doesn't work here, so I have to write one mail after
> another. Sorry for the mess. And sorry, the given line numbers may
> vary a bit because I spread av_logs over the code.
> 
> Now I researched more and have better info.
> 
> With h264 decoding PAFF material the decoder recognizes bottom fields
> (h264.c, line 4665) and this leads to an increase of the buffer pointer
> by wrap (mpegvideo.c, line 1620). This leads to a line-off-by-one error
> in draw_edges_mmx or draw_edges_c. This leads either to heap corruption
> or to a segfault when running ffmpeg with memory checkers like efence or
> DUMA.
> 
> I do not know if draw_edges is valid for bottom fields or what goes
> wrong here and further research seems much more time demanding. I hope
> this info helps you for fixing this.

Well, I don't know the rules for h.264 field pictures and out-of-picture
sample repetition (I would have to check the h.264 spec), but I guess
that they almost certainly will repeat even and odd independent of each
other, that is, draw_edges of each field separately.
If true, images will have to be allocated to be large enough for the amount
of repetition done (repeating less is possible too).

patch welcome

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I do not agree with what you have to say, but I'll defend to the death your
right to say it. -- Voltaire
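
The row arithmetic behind the report and the reply above, as an added example that is not part of the original thread and is not FFmpeg code. It is a simplified model that only counts row indices: `rows_out_of_bounds`, `EDGE`, `HEIGHT` and the assumption that the plane is allocated with `EDGE` padding rows on each side are all hypothetical.

```c
#include <stdio.h>

#define EDGE   16   /* assumed padding rows above and below the picture */
#define HEIGHT 576  /* constructed frame height in rows */

/* Count rows written outside an allocation of alloc_rows rows by an
 * edge-replication pass over `lines` picture lines that begins at row
 * `first`, advances `step` rows per line, and repeats `w` lines above the
 * first line and `w` below the last. Only row indices are modelled; no
 * memory is touched. */
static int rows_out_of_bounds(int alloc_rows, int first, int step,
                              int lines, int w)
{
    int lo = first - w * step;
    int hi = first + (lines - 1 + w) * step;
    int bad = 0;
    for (int r = lo; r <= hi; r += step)
        if (r < 0 || r >= alloc_rows)
            bad++;
    return bad;
}

int main(void)
{
    int alloc = HEIGHT + 2 * EDGE;  /* rows allocated for a frame picture */

    printf("frame picture:                 %d\n",
           rows_out_of_bounds(alloc, EDGE, 1, HEIGHT, EDGE));
    /* Pointer advanced by one line (wrap), frame geometry otherwise. */
    printf("pointer + wrap, frame height:  %d\n",
           rows_out_of_bounds(alloc, EDGE + 1, 1, HEIGHT, EDGE));
    /* Bottom field padded on its own: every second row, half the lines. */
    printf("bottom field, w = EDGE:        %d\n",
           rows_out_of_bounds(alloc, EDGE + 1, 2, HEIGHT / 2, EDGE));
    /* Repeating less fits the existing allocation. */
    printf("bottom field, w = EDGE / 2:    %d\n",
           rows_out_of_bounds(alloc, EDGE + 1, 2, HEIGHT / 2, EDGE / 2));
    /* Or allocate 2 * EDGE rows of padding on each side. */
    printf("bottom field, larger buffer:   %d\n",
           rows_out_of_bounds(HEIGHT + 4 * EDGE, 2 * EDGE + 1, 2,
                              HEIGHT / 2, EDGE));
    return 0;
}
```

In this model the second case writes exactly one row past the allocation, and per-field padding at full width overruns by 16 rows unless the repetition is halved or the padding is doubled.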