[FFmpeg-trac] #8187(undetermined:new): signed integer overflow in libavformat/mpegenc.c
FFmpeg
trac at avcodec.org
Fri Sep 20 18:47:11 EEST 2019
#8187: signed integer overflow in libavformat/mpegenc.c
-------------------------------------+-------------------------------------
Reporter: Suhwan | Type: defect
Status: new | Priority: normal
Component: undetermined | Version: git-master
Keywords: ubsan | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Summary of the bug:
There is a signed integer overflow in libavformat/mpegenc.c
{{{
libavformat/mpegenc.c:1219:19: runtime error: signed integer overflow: -9223372036854775808 - 45000 cannot be represented in type 'long'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libavformat/mpegenc.c:1219:19 in
1217 if (is_iframe &&
(gdb) bt
#0 mpeg_mux_write_packet (ctx=0x61b000000e80, pkt=0x3feeae6609317801) at libavformat/mpegenc.c:1217
#1 0x00000000023195b4 in write_packet (s=0x61b000000e80, pkt=<optimized out>) at libavformat/mux.c:747
#2 0x0000000002326f0c in av_interleaved_write_frame (s=<optimized out>, pkt=0x7fffffffb040) at libavformat/mux.c:1238
#3 0x000000000063bfff in write_packet (of=0x61600000b601, pkt=0x7fffffffb040, ost=0x61600000b480, unqueue=0) at fftools/ffmpeg.c:815
#4 0x0000000000614210 in do_streamcopy (ist=0x615000000040, ost=<optimized out>, pkt=0x7fffffffb8e0) at fftools/ffmpeg.c:2076
#5 process_input_packet (ist=0x615000000040, pkt=0x7fffffffb8e0, no_eof=0) at fftools/ffmpeg.c:2746
#6 0x000000000064abf8 in process_input (file_index=7120) at fftools/ffmpeg.c:4518
#7 0x00000000005e71e8 in transcode_step () at fftools/ffmpeg.c:4638
#8 transcode () at fftools/ffmpeg.c:4692
#9 0x00000000005db6ec in main (argc=<optimized out>, argv=<optimized out>) at fftools/ffmpeg.c:4894
}}}
How to reproduce:
{{{
% ./ffmpeg_g -y -r 2 -i avi+mpeg4+++vdpart-bug.avi -target dvd -loglevel 99 -map 0 -c copy -c:a:39 xbm -disposition:s:13 g723_1 -disposition:a:151 ayuv -ac 16 -strict 1 tmp.rpl
ffmpeg version N-94982-gea673a0edb Copyright (c) 2000-2019 the FFmpeg developers
built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
configuration: --cc=clang --cxx=clang++ --ld=clang --enable-debug --toolchain=clang-usan
}}}
Patches should be submitted to the ffmpeg-devel mailing list and not this
bug tracker.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/8187>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
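The sanitizer line above shows the left operand as -9223372036854775808, which is INT64_MIN, the bit pattern libavutil uses for AV_NOPTS_VALUE; a "no timestamp" sentinel reaching 64-bit arithmetic is the usual way this class of overflow appears. The following is an added example, not code from mpegenc.c or any FFmpeg patch, and it does not claim to reproduce the logic at line 1219; the helper `checked_ts_sub` and the `NOPTS_VALUE` macro are hypothetical names that show one portable way to guard such a subtraction so that the reported operands are rejected instead of executing undefined behaviour.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in for FFmpeg's AV_NOPTS_VALUE, which libavutil defines as
 * (int64_t)0x8000000000000000, i.e. INT64_MIN: the left operand in the
 * sanitizer report above. */
#define NOPTS_VALUE INT64_MIN

/* Hypothetical helper (not from mpegenc.c): compute ts - delta on int64_t
 * timestamps without signed-overflow UB. Returns false, and leaves *out
 * untouched, when ts is the sentinel or the result would not fit. */
static bool checked_ts_sub(int64_t ts, int64_t delta, int64_t *out)
{
    if (ts == NOPTS_VALUE)
        return false;            /* "no timestamp" must never enter arithmetic */
    /* Portable pre-checks: ts - delta underflows when delta > 0 and
     * ts < INT64_MIN + delta; it overflows when delta < 0 and
     * ts > INT64_MAX + delta. Both bounds are themselves representable. */
    if (delta > 0 && ts < INT64_MIN + delta)
        return false;
    if (delta < 0 && ts > INT64_MAX + delta)
        return false;
    *out = ts - delta;
    return true;
}

/* Replays the exact operands from the report: -9223372036854775808 - 45000.
 * Returns 1 when the guard rejects the subtraction, 0 if it were allowed. */
int reported_case_is_rejected(void)
{
    int64_t r;
    /* INT64_MIN spelled without a literal that would itself overflow. */
    return checked_ts_sub((int64_t)-9223372036854775807 - 1, 45000, &r) ? 0 : 1;
}

int main(void)
{
    int64_t r;
    printf("reported operands rejected: %d\n", reported_case_is_rejected());
    if (checked_ts_sub(90000, 45000, &r))   /* 1 s minus 0.5 s at 90 kHz */
        printf("90000 - 45000 = %lld\n", (long long)r);
    return 0;
}
```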