[FFmpeg-trac] #4242(avcodec:new): vp9: deadlock with fuzzed file

FFmpeg trac at avcodec.org
Sat Jan 10 13:47:32 CET 2015


#4242: vp9: deadlock with fuzzed file
---------------------------------+--------------------------------------
             Reporter:  tholin   |                     Type:  defect
               Status:  new      |                 Priority:  normal
            Component:  avcodec  |                  Version:  git-master
             Keywords:           |               Blocked By:
             Blocking:           |  Reproduced by developer:  0
Analyzed by developer:  0        |
---------------------------------+--------------------------------------
 The attached file hangs in an infinite loop.


 {{{
 $ ./ffmpeg -v 9 -loglevel 99 -i ~/fuzz/vp9_parser_infloop.webm
 ffmpeg version N-68999-g6f838de Copyright (c) 2000-2015 the FFmpeg developers
   built on Jan 10 2015 10:21:01 with gcc 4.8.3 (Gentoo 4.8.3 p1.1, pie-0.5.9)
   configuration: --prefix=/home/cocobo/repository/mpv-build_vanilla_debug/build_libs --enable-static --disable-shared --enable-gpl --enable-avresample --enable-debug=gdb --disable-doc --disable-optimizations --disable-stripping
   libavutil      54. 16.100 / 54. 16.100
   libavcodec     56. 20.100 / 56. 20.100
   libavformat    56. 18.100 / 56. 18.100
   libavdevice    56.  3.100 / 56.  3.100
   libavfilter     5.  7.100 /  5.  7.100
   libavresample   2.  1.  0 /  2.  1.  0
   libswscale      3.  1.101 /  3.  1.101
   libswresample   1.  1.100 /  1.  1.100
   libpostproc    53.  3.100 / 53.  3.100
 Splitting the commandline.
 Reading option '-v' ... matched as option 'v' (set logging level) with argument '9'.
 Reading option '-loglevel' ... matched as option 'loglevel' (set logging level) with argument '99'.
 Reading option '-i' ... matched as input file with argument '/home/cocobo/fuzz/vp9_parser_infloop.webm'.
 Finished splitting the commandline.
 Parsing a group of options: global .
 Applying option v (set logging level) with argument 9.
 Successfully parsed a group of options.
 Parsing a group of options: input file /home/cocobo/fuzz/vp9_parser_infloop.webm.
 Successfully parsed a group of options.
 Opening an input file: /home/cocobo/fuzz/vp9_parser_infloop.webm.
 [matroska,webm @ 0x3bf53a0] Format matroska,webm probed with size=2048 and score=100
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x4C32
 Truncating packet of size 1048576 to 14912
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x81
 [matroska,webm @ 0x3bf53a0] Read error at pos. 171 (0xab)
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x82
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x84
 Truncating packet of size 178937 to 15212
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x4C32
 Truncating packet of size 1048576 to 14912
 [matroska,webm @ 0x3bf53a0] Read error at pos. 1279 (0x4ff)
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x93
 [matroska,webm @ 0x3bf53a0] Read error at pos. 5142 (0x1416)
 [matroska,webm @ 0x3bf53a0] Invalid length 0xffffffffffffff > 0x8 for syntax element 1
 [matroska,webm @ 0x3bf53a0] Invalid length 0x103a31 > 0x8 for syntax element 1
 [matroska,webm @ 0x3bf53a0] Read error at pos. 7775 (0x1e5f)
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x91
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x63A2
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x23E383
 [matroska,webm @ 0x3bf53a0] Read error at pos. 8082 (0x1f92)
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x7FFF
     Last message repeated 1 times
 [matroska,webm @ 0x3bf53a0] Read error at pos. 8812 (0x226c)
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x7FFF
 [matroska,webm @ 0x3bf53a0] Read error at pos. 9990 (0x2706)
 [matroska,webm @ 0x3bf53a0] Read error at pos. 10510 (0x290e)
 [matroska,webm @ 0x3bf53a0] Unknown entry 0x7FFF
 st:0 removing common factor 1000000 from timebase
 st:1 removing common factor 1000000 from timebase
 st:2 removing common factor 1000000 from timebase
 [matroska,webm @ 0x3bf53a0] Unknown or unsupported track type 0
 st:3 removing common factor 1000000 from timebase
 [matroska,webm @ 0x3bf53a0] Unknown or unsupported track type 0
 [matroska,webm @ 0x3bf53a0] Unknown/unsupported AVCodecID V_MS/VFWNFOURCC.
 st:4 removing common factor 1000000 from timebase
 [matroska,webm @ 0x3bf53a0] Before avformat_find_stream_info() pos: 11541 bytes read:15317 seeks:0
 [matroska,webm @ 0x3bf53a0] parser not found for codec none, packets or times may be invalid.
 [vp9 @ 0x3bf79e0] Superframe packet size too big: 196 > 31
 [vp9 @ 0x3bf79e0] Superframe packet size too big: 196 > 0
     Last message repeated 11977132 times
 ^C

 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/4242>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker