[FFmpeg-trac] #1063(undetermined:open): invalid reads with very high resolution video (was: h263p: crash with high resolution video)
FFmpeg
trac at avcodec.org
Sun Mar 18 22:15:34 CET 2012
#1063: invalid reads with very high resolution video
-------------------------------------+-------------------------------------
Reporter: ami_stuff | Owner:
Type: defect | Status: open
Priority: normal | Component:
Version: git-master | undetermined
Keywords: | Resolution:
Blocking: | Blocked By:
Analyzed by developer: 0 | Reproduced by developer: 1
-------------------------------------+-------------------------------------
Changes (by cehoyos):
* status: new => open
* version: unspecified => git-master
* reproduced: 0 => 1
Comment:
{{{
$ valgrind ffmpeg_g -i out.avi out2.avi
ffmpeg version N-38873-gd19d52d Copyright (c) 2000-2012 the FFmpeg
developers
built on Mar 18 2012 21:52:27 with gcc 4.3.2
configuration: --cc=/usr/local/gcc-4.3.2/bin/gcc --enable-gpl --enable-
libspeex
libavutil 51. 42.100 / 51. 42.100
libavcodec 54. 10.100 / 54. 10.100
libavformat 54. 2.100 / 54. 2.100
libavdevice 53. 4.100 / 53. 4.100
libavfilter 2. 65.101 / 2. 65.101
libswscale 2. 1.100 / 2. 1.100
libswresample 0. 7.100 / 0. 7.100
libpostproc 52. 0.100 / 52. 0.100
Input #0, avi, from 'out.avi':
Metadata:
encoder : Lavf54.2.100
Duration: 00:00:00.04, start: 0.000000, bitrate: 83956 kb/s
Stream #0:0: Video: h263 (H263 / 0x33363248), yuv420p, 4000x4000, 25
tbr, 25 tbn, 25 tbc
[buffer @ 0x44bef40] w:4000 h:4000 pixfmt:yuv420p tb:1/1000000 sar:0/1
sws_param:
Output #0, avi, to 'out2.avi':
Metadata:
ISFT : Lavf54.2.100
Stream #0:0: Video: mpeg4 (FMP4 / 0x34504D46), yuv420p, 4000x4000,
q=2-31, 200 kb/s, 25 tbn, 25 tbc
Stream mapping:
Stream #0:0 -> #0:0 (h263 -> mpeg4)
Press [q] to stop, [?] for help
==16526== Invalid read of size 1
==16526== at 0x40245A1: memcpy (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x849E214: ff_MPV_encode_picture (mpegvideo_enc.c:1036)
==16526== Address 0x6462CBF is 1 bytes before a block of size 239,136
alloc'd
==16526== at 0x4021A50: memalign (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x4021AAA: posix_memalign (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x87BDC7F: av_mallocz (mem.c:94)
==16526==
==16526== Invalid read of size 1
==16526== at 0x40245A9: memcpy (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x849E214: ff_MPV_encode_picture (mpegvideo_enc.c:1036)
==16526== Address 0x6462CBE is 2 bytes before a block of size 239,136
alloc'd
==16526== at 0x4021A50: memalign (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x4021AAA: posix_memalign (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x87BDC7F: av_mallocz (mem.c:94)
==16526==
==16526== Invalid read of size 1
==16526== at 0x40245B0: memcpy (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x849E214: ff_MPV_encode_picture (mpegvideo_enc.c:1036)
==16526== Address 0x6462CBD is 3 bytes before a block of size 239,136
alloc'd
==16526== at 0x4021A50: memalign (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x4021AAA: posix_memalign (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x87BDC7F: av_mallocz (mem.c:94)
==16526==
==16526== Invalid read of size 1
==16526== at 0x40245B7: memcpy (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x849E214: ff_MPV_encode_picture (mpegvideo_enc.c:1036)
==16526== Address 0x6462CBC is 4 bytes before a block of size 239,136
alloc'd
==16526== at 0x4021A50: memalign (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x4021AAA: posix_memalign (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==16526== by 0x87BDC7F: av_mallocz (mem.c:94)
==16526== Warning: set address range perms: large range 193760016
(undefined)
...
==16526==
==16526== ERROR SUMMARY: 1058532 errors from 136 contexts (suppressed: 3
from 1)
==16526== malloc/free: in use at exit: 0 bytes in 0 blocks.
==16526== malloc/free: 253 allocs, 253 frees, 267,903,354 bytes allocated.
==16526== For counts of detected errors, rerun with: -v
==16526== All heap blocks were freed -- no leaks are possible.
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/1063#comment:4>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list