[FFmpeg-trac] #5487(avcodec:open): mjpeg2jpeg bitstream filter causes segmentation fault with header-less mjpeg
FFmpeg
trac at avcodec.org
Thu Apr 28 18:21:27 CEST 2016
#5487: mjpeg2jpeg bitstream filter causes segmentation fault with header-less mjpeg
--------------------------------------+-------------------------------------
Reporter: thebombzen                  | Owner:
Type: defect                          | Status: open
Priority: important                   | Component: avcodec
Version: git-master                   | Resolution:
Keywords: mjpeg2jpeg crash regression | Blocked By:
Blocking:                             | Reproduced by developer: 1
Analyzed by developer: 0              |
--------------------------------------+-------------------------------------
Changes (by cehoyos):
* keywords: mjpeg2jpeg, bsf => mjpeg2jpeg crash regression
* priority: normal => important
* status: new => open
* component: undetermined => avcodec
* reproduced: 0 => 1
Comment:
Regression since af9cac1be1750ecc0e12c6788a3aeed1f1a778be
{{{
$ valgrind ffmpeg_g -i mjpeg2jpeg_bsf_error.mjpeg -vcodec copy -bsf mjpeg2jpeg -f null -
==4223== Memcheck, a memory error detector
==4223== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==4223== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==4223== Command: ffmpeg_g -i mjpeg2jpeg_bsf_error.mjpeg -vcodec copy -bsf mjpeg2jpeg -f null -
==4223==
ffmpeg version N-79688-g3cb3ddd Copyright (c) 2000-2016 the FFmpeg developers
built with gcc 4.7 (SUSE Linux)
configuration: --enable-gpl
libavutil 55. 23.100 / 55. 23.100
libavcodec 57. 38.100 / 57. 38.100
libavformat 57. 34.103 / 57. 34.103
libavdevice 57. 0.101 / 57. 0.101
libavfilter 6. 44.100 / 6. 44.100
libswscale 4. 1.100 / 4. 1.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100
[mjpeg @ 0xb5017e0] Format mjpeg detected only with low score of 25, misdetection possible!
Input #0, mjpeg, from 'mjpeg2jpeg_bsf_error.mjpeg':
Duration: N/A, bitrate: N/A
Stream #0:0: Video: mjpeg, yuvj422p(pc, bt470bg/unknown/unknown), 1920x1080, 25 fps, 25 tbr, 1200k tbn
[null @ 0xbbd2da0] Using AVStream.codec to pass codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf57.34.103
Stream #0:0: Video: mjpeg, yuvj422p, 1920x1080, q=2-31, 25 fps, 25 tbr, 1200k tbn
Stream mapping:
Stream #0:0 -> #0:0 (copy)
Press [q] to stop, [?] for help
==4223== Use of uninitialised value of size 8
==4223== at 0x9FC36D: mjpeg2jpeg_filter (mjpeg2jpeg_bsf.c:90)
==4223== by 0x73476B: av_bitstream_filter_filter (bitstream_filter.c:162)
==4223== by 0x6D91EE: av_apply_bitstream_filters (utils.c:4991)
==4223== by 0x49317A: write_frame (ffmpeg.c:692)
==4223== by 0x499658: do_streamcopy (ffmpeg.c:1908)
==4223== by 0x49B4C7: transcode (ffmpeg.c:2434)
==4223== by 0x47DC8A: main (ffmpeg.c:4343)
==4223==
[AVBSFContext @ 0xbbd5b00] input is truncated
==4223== Conditional jump or move depends on uninitialised value(s)
==4223== at 0x726D3C: av_packet_free (avpacket.c:64)
==4223== by 0x9FC58D: mjpeg2jpeg_filter (mjpeg2jpeg_bsf.c:129)
==4223== by 0x73476B: av_bitstream_filter_filter (bitstream_filter.c:162)
==4223== by 0x6D91EE: av_apply_bitstream_filters (utils.c:4991)
==4223== by 0x49317A: write_frame (ffmpeg.c:692)
==4223== by 0x499658: do_streamcopy (ffmpeg.c:1908)
==4223== by 0x49B4C7: transcode (ffmpeg.c:2434)
==4223== by 0x47DC8A: main (ffmpeg.c:4343)
==4223==
==4223== Use of uninitialised value of size 8
==4223== at 0x726D42: av_packet_free (avpacket.c:255)
==4223== by 0x9FC58D: mjpeg2jpeg_filter (mjpeg2jpeg_bsf.c:129)
==4223== by 0x73476B: av_bitstream_filter_filter (bitstream_filter.c:162)
==4223== by 0x6D91EE: av_apply_bitstream_filters (utils.c:4991)
==4223== by 0x49317A: write_frame (ffmpeg.c:692)
==4223== by 0x499658: do_streamcopy (ffmpeg.c:1908)
==4223== by 0x49B4C7: transcode (ffmpeg.c:2434)
==4223== by 0x47DC8A: main (ffmpeg.c:4343)
==4223==
==4223== Use of uninitialised value of size 8
==4223== at 0x107F033: av_freep (mem.c:247)
==4223== by 0x726D70: av_packet_free (avpacket.c:257)
==4223== by 0x9FC58D: mjpeg2jpeg_filter (mjpeg2jpeg_bsf.c:129)
==4223== by 0x73476B: av_bitstream_filter_filter (bitstream_filter.c:162)
==4223== by 0x6D91EE: av_apply_bitstream_filters (utils.c:4991)
==4223== by 0x49317A: write_frame (ffmpeg.c:692)
==4223== by 0x499658: do_streamcopy (ffmpeg.c:1908)
==4223== by 0x49B4C7: transcode (ffmpeg.c:2434)
==4223== by 0x47DC8A: main (ffmpeg.c:4343)
==4223==
==4223==
==4223== Process terminating with default action of signal 11 (SIGSEGV)
==4223== Bad permissions for mapped region at address 0x728268
==4223== at 0x107F036: av_freep (mem.c:248)
==4223== by 0x726D70: av_packet_free (avpacket.c:257)
==4223== by 0x9FC58D: mjpeg2jpeg_filter (mjpeg2jpeg_bsf.c:129)
==4223== by 0x73476B: av_bitstream_filter_filter (bitstream_filter.c:162)
==4223== by 0x6D91EE: av_apply_bitstream_filters (utils.c:4991)
==4223== by 0x49317A: write_frame (ffmpeg.c:692)
==4223== by 0x499658: do_streamcopy (ffmpeg.c:1908)
==4223== by 0x49B4C7: transcode (ffmpeg.c:2434)
==4223== by 0x47DC8A: main (ffmpeg.c:4343)
==4223==
==4223== HEAP SUMMARY:
==4223== in use at exit: 1,861,854 bytes in 66 blocks
==4223== total heap usage: 1,049 allocs, 983 frees, 7,564,761 bytes allocated
==4223==
==4223== LEAK SUMMARY:
==4223== definitely lost: 0 bytes in 0 blocks
==4223== indirectly lost: 0 bytes in 0 blocks
==4223== possibly lost: 0 bytes in 0 blocks
==4223== still reachable: 1,861,854 bytes in 66 blocks
==4223== suppressed: 0 bytes in 0 blocks
==4223== Rerun with --leak-check=full to see details of leaked memory
==4223==
==4223== For counts of detected and suppressed errors, rerun with: -v
==4223== Use --track-origins=yes to see where uninitialised values come from
==4223== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 2 from 2)
Segmentation fault
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/5487#comment:1>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker