[FFmpeg-trac] #3190(avfilter:open): vf_pad/ff_fill_rectangle corrupts memory and crashes

FFmpeg trac at avcodec.org
Tue Dec 3 00:00:22 CET 2013


#3190: vf_pad/ff_fill_rectangle corrupts memory and crashes
-------------------------------------+-------------------------------------
             Reporter:  MarkZV       |                    Owner:
                 Type:  defect       |                   Status:  open
             Priority:  important    |                Component:  avfilter
              Version:  git-master   |               Resolution:
             Keywords:  crash        |               Blocked By:
  regression                         |  Reproduced by developer:  1
             Blocking:               |
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------
Changes (by cehoyos):

 * keywords:   => crash regression
 * priority:  normal => important
 * status:  new => open
 * reproduced:  0 => 1


Comment:

 Regression since b077d8d9
 {{{
 ==20243== Invalid write of size 8
 ==20243==    at 0x4C2C55D: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==20243==    by 0x4EBF7D: ff_fill_rectangle (drawutils.c:276)
 ==20243==    by 0x4BB2E7: filter_frame (vf_pad.c:330)
 ==20243==    by 0x489F45: ff_filter_frame_framed (avfilter.c:1072)
 ==20243==    by 0x48B008: ff_filter_frame (avfilter.c:1147)
 ==20243==    by 0x489F45: ff_filter_frame_framed (avfilter.c:1072)
 ==20243==    by 0x48B008: ff_filter_frame (avfilter.c:1147)
 ==20243==    by 0x4BB1E2: filter_frame (vf_pad.c:355)
 ==20243==    by 0x489F45: ff_filter_frame_framed (avfilter.c:1072)
 ==20243==    by 0x48B008: ff_filter_frame (avfilter.c:1147)
 ==20243==    by 0x48F0C1: request_frame (buffersrc.c:491)
 ==20243==    by 0x48F321: av_buffersrc_add_frame_internal
 (buffersrc.c:170)
 ==20243==  Address 0x7764138 is not stack'd, malloc'd or (recently) free'd
 }}}
 Reverting b077d8d9 only for libavfilter/vf_crop.c fixes the crash.

--
Ticket URL: <https://trac.ffmpeg.org/ticket/3190#comment:1>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list