[FFmpeg-trac] #5598(undetermined:new): image2pipe disruption and OOM crash on BMP sequences with certain pixel values
FFmpeg
trac at avcodec.org
Mon May 30 03:31:24 CEST 2016
#5598: image2pipe disruption and OOM crash on BMP sequences with certain pixel
values
-------------------------------------+-------------------------------------
Reporter: CoJaBo | Type: defect
Status: new | Priority: important
Component: | Version: git-
undetermined | master
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Bitmap images read through -f image2pipe disrupt ffmpeg if they contain
values equal to "BM" at certain offsets; I suspect that ffmpeg is
interpreting these as headers for some reason, even though they occur in
the middle of image data.
The shortest sequence I can get to exhibit this issue is 3 frames. Run the
following commands using the attached files and observe the number of
output frames:
With a stream of 3 blank images, everything is as expected, with 3 frames
output-
{{{
cat blank.bmp blank.bmp blank.bmp | ffmpeg -f image2pipe -i - junk.mkv
}}}
Changing 2 specific pixels near the top of the middle image results in
ffmpeg seeing only 2 frames-
{{{
cat blank.bmp error.bmp blank.bmp | ffmpeg -f image2pipe -i - junk.mkv
}}}
If such a frame occurs in the middle of a large input stream, upon hitting
it ffmpeg will stop producing output and attempt to read the remainder of
the input stream into RAM until it runs out of memory and dies.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/5598>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list