[FFmpeg-trac] #9120(avformat:open): dss seek crash (was: heap buffer overflow write when extracting frames from the video)
FFmpeg
trac at avcodec.org
Thu Feb 25 00:36:23 EET 2021
#9120: dss seek crash
------------------------------------+------------------------------------
Reporter: bird | Owner:
Type: defect | Status: open
Priority: important | Component: avformat
Version: git-master | Resolution:
Keywords: dss crash | Blocked By:
Blocking: | Reproduced by developer: 1
Analyzed by developer: 0 |
------------------------------------+------------------------------------
Changes (by cehoyos):
* status: new => open
* reproduced: 0 => 1
* component: ffmpeg => avformat
* priority: normal => important
* keywords: => dss crash
Comment:
{{{
$ valgrind ffmpeg_g -ss 0 -i 1
==1963== Memcheck, a memory error detector
==1963== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==1963== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info
==1963== Command: ffmpeg_g -ss 0 -i 1
==1963==
ffmpeg version N-101291-gd3d99a0a06 Copyright (c) 2000-2021 the FFmpeg developers
built with gcc 10 (SUSE Linux)
configuration: --enable-gpl
libavutil 56. 66.100 / 56. 66.100
libavcodec 58.125.100 / 58.125.100
libavformat 58. 68.100 / 58. 68.100
libavdevice 58. 12.100 / 58. 12.100
libavfilter 7.107.100 / 7.107.100
libswscale 5. 8.100 / 5. 8.100
libswresample 3. 8.100 / 3. 8.100
libpostproc 55. 8.100 / 55. 8.100
[dss @ 0x5082540] Estimating duration from bitrate, this may be inaccurate
==1963== Invalid write of size 2
==1963== at 0x483DEC3: memcpy@GLIBC_2.2.5 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1963== by 0x720723: avio_read (aviobuf.c:673)
==1963== by 0x7366F3: dss_sp_read_packet (dss.c:246)
==1963== by 0x7366F3: dss_read_packet (dss.c:321)
==1963== by 0x833BE9: ff_read_packet (utils.c:823)
==1963== by 0x834D7A: read_frame_internal (utils.c:1526)
==1963== by 0x835C27: av_read_frame (utils.c:1730)
==1963== by 0x83780C: seek_frame_generic (utils.c:2388)
==1963== by 0x83780C: seek_frame_internal (utils.c:2461)
==1963== by 0x83780C: av_seek_frame (utils.c:2481)
==1963== by 0x8373F9: avformat_seek_file (utils.c:2533)
==1963== by 0x49C7A0: open_input_file (ffmpeg_opt.c:1252)
==1963== by 0x4A0117: open_files (ffmpeg_opt.c:3335)
==1963== by 0x4A0117: ffmpeg_parse_options (ffmpeg_opt.c:3375)
==1963== by 0x494C97: main (ffmpeg.c:4964)
==1963== Address 0x5094874 is 12 bytes before a block of size 68 alloc'd
==1963== at 0x483BEB8: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1963== by 0x483BFEE: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1963== by 0x121A74F: av_malloc (mem.c:86)
==1963== by 0x121A74F: av_mallocz (mem.c:239)
==1963== by 0x83CC04: avformat_open_input (utils.c:581)
==1963== by 0x49C973: open_input_file (ffmpeg_opt.c:1174)
==1963== by 0x4A0117: open_files (ffmpeg_opt.c:3335)
==1963== by 0x4A0117: ffmpeg_parse_options (ffmpeg_opt.c:3375)
==1963== by 0x494C97: main (ffmpeg.c:4964)
==1963==
1: could not seek to position 0.000
Input #0, dss, from '1':
Metadata:
author : ��0� ?B�
: ������
date : 2077-77-77T77:77:77
comment :
Duration: 00:00:00.29, start: 0.000000, bitrate: 13 kb/s
Stream #0:0: Audio: dss_sp, 11025 Hz, mono, s16
At least one output file must be specified
==1963==
==1963== HEAP SUMMARY:
==1963== in use at exit: 0 bytes in 0 blocks
==1963== total heap usage: 206 allocs, 206 frees, 100,610 bytes allocated
==1963==
==1963== All heap blocks were freed -- no leaks are possible
==1963==
==1963== For lists of detected and suppressed errors, rerun with: -s
==1963== ERROR SUMMARY: 12 errors from 1 contexts (suppressed: 0 from 0)
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/9120#comment:1>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker