[FFmpeg-trac] #3254(undetermined:new): atrac3p: crash with fuzzed file

FFmpeg trac at avcodec.org
Sun Dec 29 21:03:24 CET 2013


#3254: atrac3p: crash with fuzzed file
-------------------------------------+-------------------------------------
               Reporter:  ami_stuff  |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  normal     |              Component:  undetermined
                Version:  unspecified|               Keywords:
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 {{{
 (gdb) r -i 1_fuzz.aa3 -f null -
 Starting program: /media/sdb1/ffmpeg-HEAD-8a0d446/ffmpeg_g -i 1_fuzz.aa3
 -f null -
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
 ffmpeg version 2.1.git-8a0d446 Copyright (c) 2000-2013 the FFmpeg
 developers
   built on Dec 29 2013 20:43:02 with gcc 4.7 (Debian 4.7.2-5)
   configuration: --disable-yasm --enable-gpl --disable-ffprobe --disable-ffserver
   libavutil      52. 59.100 / 52. 59.100
   libavcodec     55. 47.100 / 55. 47.100
   libavformat    55. 22.100 / 55. 22.100
   libavdevice    55.  5.102 / 55.  5.102
   libavfilter     4.  0.103 /  4.  0.103
   libswscale      2.  5.101 /  2.  5.101
   libswresample   0. 17.104 /  0. 17.104
   libpostproc    52.  3.100 / 52.  3.100
 [oma @ 0x929ed80] Estimating duration from bitrate, this may be inaccurate
 Input #0, oma, from '1_fuzz.aa3':
   Metadata:
     TLEN            : 17350
   Duration: 00:00:17.69, start: 0.000000, bitrate: 33 kb/s
     Stream #0:0: Audio: atrac3p ([1][0][0][0] / 0x0001), 44100 Hz, mono,
 fltp, 33 kb/s
 [New Thread 0xb7df8b70 (LWP 12809)]
 [New Thread 0xb75f8b70 (LWP 12810)]
 [New Thread 0xb6df8b70 (LWP 12811)]
 [New Thread 0xb65f8b70 (LWP 12812)]
 [New Thread 0xb5df8b70 (LWP 12813)]
 [New Thread 0xb55f8b70 (LWP 12814)]
 [New Thread 0xb4df8b70 (LWP 12815)]
 [New Thread 0xb45f8b70 (LWP 12816)]
 [New Thread 0xb3df8b70 (LWP 12817)]
 Output #0, null, to 'pipe:':
   Metadata:
     TLEN            : 17350
     encoder         : Lavf55.22.100
     Stream #0:0: Audio: pcm_s16le, 44100 Hz, mono, s16, 705 kb/s
 Stream mapping:
   Stream #0:0 -> #0:0 (atrac3plus -> pcm_s16le)
 Press [q] to stop, [?] for help
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=2, val=32
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=2, pos=2, val=19
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=2, pos=1, val=34
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=5, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=1, pos=1, val=3
 Error while decoding stream #0:0: Invalid data found when processing input
     Last message repeated 1 times
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=4, val=31
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=5, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=4, pos=1, val=36
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid number of code table indexes: 31!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=2, val=31
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=1, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Channel unit extension is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=1, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=3, val=31
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Channel unit extension is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=1, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid number of code table indexes: 31!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid number of code table indexes: 28!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=1, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=2, val=25
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=3, pos=1, val=13
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=5, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
     Last message repeated 1 times
 [atrac3plus @ 0x929f920] Channel unit extension is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] SF mode 1: invalid parameters!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=4, pos=1, val=36
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid start bit!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=2, pos=1, val=7
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid start bit!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=1, pos=3, val=31
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] SF index out of range: pos=14, val=-7!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Channel unit extension is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Too many tones: 53 (max. 48), frame: 128!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Channel unit extension is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=6, pos=1, val=40
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=12, pos=1, val=12
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
     Last message repeated 1 times
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Frame data doesn't match channel configuration!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=0, val=34
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Channel unit extension is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] GHA amplitude mode 0 is not implemented. Update
 your FFmpeg version to the newest one from Git. If the problem still
 occurs, it means that your file has a feature which has not been
 implemented.
 Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
 welcome
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=2, val=35
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=1, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Too many tones: 59 (max. 48), frame: 173!
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] Invalid gain location: ch=0, sb=0, pos=1, val=0
 Error while decoding stream #0:0: Invalid data found when processing input
 [atrac3plus @ 0x929f920] SF index out of range: pos=5, val=-1!
 Error while decoding stream #0:0: Invalid data found when processing input

 Program received signal SIGSEGV, Segmentation fault.
 0x0828b30d in waves_synth (synth_param=synth_param@entry=0x92f1878,
     envelope=envelope@entry=0x92ef508, reg_offset=reg_offset@entry=128,
     out=out@entry=0xbfffeca0,
     phase_shift=<error reading variable: Unhandled dwarf expression opcode
 0xfa>, waves_info=<error reading variable: Unhandled dwarf expression
 opcode 0xfa>,
     waves_info=<error reading variable: Unhandled dwarf expression opcode
 0xfa>) at libavcodec/atrac3plusdsp.c:133
 133             amp = amp_sf_tab[wave_param->amp_sf] *
 (gdb) bt
 #0  0x0828b30d in waves_synth (synth_param=synth_param@entry=0x92f1878,
     envelope=envelope@entry=0x92ef508, reg_offset=reg_offset@entry=128,
     out=out@entry=0xbfffeca0,
     phase_shift=<error reading variable: Unhandled dwarf expression opcode
 0xfa>, waves_info=<error reading variable: Unhandled dwarf expression
 opcode 0xfa>,
     waves_info=<error reading variable: Unhandled dwarf expression opcode
 0xfa>) at libavcodec/atrac3plusdsp.c:133
 #1  0x0828b70f in ff_atrac3p_generate_tones
 (ch_unit=ch_unit@entry=0x92ed840,
     fdsp=fdsp@entry=0x92b0114, ch_num=ch_num@entry=0, sb=sb@entry=4,
     out=out@entry=0x92b8940) at libavcodec/atrac3plusdsp.c:217
 #2  0x0828aed5 in reconstruct_frame (num_channels=1, ch_unit=0x92ed840,
     ctx=0x92b0100, avctx=<optimized out>) at
 libavcodec/atrac3plusdec.c:289
 #3  atrac3p_decode_frame (avctx=0x929f920, data=0x92992e0,
     got_frame_ptr=0xbffff504, avpkt=0xbffff218)
     at libavcodec/atrac3plusdec.c:358
 #4  0x086d7e06 in avcodec_decode_audio4 (avctx=avctx@entry=0x929f920,
     frame=frame@entry=0x92992e0,
 got_frame_ptr=got_frame_ptr@entry=0xbffff504,
     avpkt=avpkt@entry=0xbffff750) at libavcodec/utils.c:2245
 #5  0x080c376a in decode_audio (ist=ist@entry=0x929fdc0,
     pkt=pkt@entry=0xbffff750, got_output=got_output@entry=0xbffff504)
     at ffmpeg.c:1553
 #6  0x080c6b80 in output_packet (pkt=0xbffff6e8, ist=0x929fdc0)
     at ffmpeg.c:1904
 ---Type <return> to continue, or q <return> to quit---
 #7  process_input (file_index=1) at ffmpeg.c:3216
 #8  0x080aa85b in transcode_step () at ffmpeg.c:3312
 #9  transcode () at ffmpeg.c:3364
 #10 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3544
 (gdb)
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/3254>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker