[FFmpeg-trac] #9908(ffmpeg:new): Trigger assertion during converting mp4

FFmpeg trac at avcodec.org
Tue Sep 6 19:28:56 EEST 2022 

#9908: Trigger assertion during converting mp4
------------------------------------+----------------------------------
             Reporter:  microfuzz   |                    Owner:  (none)
                 Type:  defect      |                   Status:  new
             Priority:  important   |                Component:  ffmpeg
              Version:  git-master  |               Resolution:
             Keywords:              |               Blocked By:
             Blocking:              |  Reproduced by developer:  0
Analyzed by developer:  0           |
------------------------------------+----------------------------------
Description changed by microfuzz:

Old description:

> Summary of the bug:
>
> I triggered an assertion failure during converting the mp4 file.
> The sample can be accessed at:
> https://github.com/zr950624/Bug_submit/blob/main/crash1.mp4
> How to reproduce:
> {{{
> % ./ffmpeg -f mp4 -i crash1.mp4 -f mxf aa37 -y
>
> Full output log:
> /home/microfuzz/FFmpeg/ffmpeg -f mp4 -i ~/ffmpeg_crashes/crash1.mp4 -f
> mxf aa37 -y
> ffmpeg version git-2022-09-05-8913539 Copyright (c) 2000-2022 the FFmpeg
> developers
>   built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
>   configuration:
> --cc=/home/microfuzz/MicroFuzz/benchmarks/fuzzers/AFLplusplus/afl-clang
> --cxx=/home/microfuzz/MicroFuzz/benchmarks/fuzzers/AFLplusplus/afl-
> clang++
>   libavutil      57. 36.101 / 57. 36.101
>   libavcodec     59. 42.104 / 59. 42.104
>   libavformat    59. 30.101 / 59. 30.101
>   libavdevice    59.  8.101 / 59.  8.101
>   libavfilter     8. 48.100 /  8. 48.100
>   libswscale      6.  8.104 /  6.  8.104
>   libswresample   4.  9.100 /  4.  9.100
> [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] multiple fourcc not supported
> [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] overread end of atom 'stsd' by
> 1076899745 bytes
> [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] stream 0, timescale not set
> [NULL @ 0x4b4fc40] Codec type or id mismatches
> [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] Failed to open codec in
> avformat_find_stream_info
> [NULL @ 0x4b4fc40] Codec type or id mismatches
> [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] Failed to open codec in
> avformat_find_stream_info
> [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] Could not find codec parameters for
> stream 1 (Audio: mpeg2video (mp4a / 0x6134706D), 12336 Hz, 12336
> channels): unspecified sample format
> Consider increasing the value for the 'analyzeduration' (0) and
> 'probesize' (5000000) options
> Input #0, mov,mp4,m4a,3gp,3g2,mj2, from
> '/home/microfuzz/ffmpeg_crashes/crash1.mp4':
>   Metadata:
>     major_brand     : 0000
>     minor_version   : 808464432
>     compatible_brands: 000
>     creation_time   : 1995-08-15T05:27:12.000000Z
>   Duration: 00:04:16.00, start: 0.000000, bitrate: 0 kb/s
>   Stream #0:0[0x1]: Audio: pcm_u8 (raw  / 0x20776172), 12328 Hz, 255
> channels, u8, 25149 kb/s (default)
>     Metadata:
>       handler_name    : 0000000000000
>       vendor_id       : [0][0][0][0]
>   Stream #0:1[0x1](lap): Audio: mpeg2video (mp4a / 0x6134706D), 12336 Hz,
> 12336 channels (default)
>     Metadata:
>       creation_time   : 2014-02-23T23:09:36.000000Z
>       handler_name    : 0000000000000
>       vendor_id       : [0][0]0[0]
>     Side data:
>       unknown side data type 24 (84 bytes)
> Stream mapping:
>   Stream #0:0 -> #0:0 (pcm_u8 (native) -> pcm_s16le (native))
> Press [q] to stop, [?] for help
> [pcm_u8 @ 0x4b533c0] Multiple frames in a packet.
> [auto_aresample_0 @ 0x4ba4680] [SWR @ 0x4ba47c0] Input channel layout
> "255 channels" is invalid or unsupported.
> [auto_aresample_0 @ 0x4ba4680] [SWR @ 0x4ba47c0] Output channel layout
> "255 channels" is invalid or unsupported.
> Assertion ctx->channels == out->ch_count failed at
> libswresample/audioconvert.c:202
> [1]    255437 abort      ./ffmpeg -f mp4 -i ~/ffmpeg_crashes/crash1.mp4 -
>

> ffmpeg version:
> ffmpeg version git-2022-09-05-8913539 Copyright (c) 2000-2022 the FFmpeg
> developers
> built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
>

> built on:
> Distributor ID: Ubuntu
> Description:    Ubuntu 18.04.6 LTS
> Release:        18.04
> Codename:       bionic
> }}}
> Patches should be submitted to the ffmpeg-devel mailing list and not this
> bug tracker.

New description:

 Summary of the bug:

 I triggered an assertion failure during converting the mp4 file.
 The sample is attached below.
 How to reproduce:
 {{{
 % ./ffmpeg -f mp4 -i crash1.mp4 -f mxf aa37 -y

 Full output log:
 /home/microfuzz/FFmpeg/ffmpeg -f mp4 -i ~/ffmpeg_crashes/crash1.mp4 -f mxf
 aa37 -y
 ffmpeg version git-2022-09-05-8913539 Copyright (c) 2000-2022 the FFmpeg
 developers
   built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
   configuration:
 --cc=/home/microfuzz/MicroFuzz/benchmarks/fuzzers/AFLplusplus/afl-clang
 --cxx=/home/microfuzz/MicroFuzz/benchmarks/fuzzers/AFLplusplus/afl-clang++
   libavutil      57. 36.101 / 57. 36.101
   libavcodec     59. 42.104 / 59. 42.104
   libavformat    59. 30.101 / 59. 30.101
   libavdevice    59.  8.101 / 59.  8.101
   libavfilter     8. 48.100 /  8. 48.100
   libswscale      6.  8.104 /  6.  8.104
   libswresample   4.  9.100 /  4.  9.100
 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] multiple fourcc not supported
 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] overread end of atom 'stsd' by
 1076899745 bytes
 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] stream 0, timescale not set
 [NULL @ 0x4b4fc40] Codec type or id mismatches
 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] Failed to open codec in
 avformat_find_stream_info
 [NULL @ 0x4b4fc40] Codec type or id mismatches
 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] Failed to open codec in
 avformat_find_stream_info
 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x4b44480] Could not find codec parameters for
 stream 1 (Audio: mpeg2video (mp4a / 0x6134706D), 12336 Hz, 12336
 channels): unspecified sample format
 Consider increasing the value for the 'analyzeduration' (0) and
 'probesize' (5000000) options
 Input #0, mov,mp4,m4a,3gp,3g2,mj2, from
 '/home/microfuzz/ffmpeg_crashes/crash1.mp4':
   Metadata:
     major_brand     : 0000
     minor_version   : 808464432
     compatible_brands: 000
     creation_time   : 1995-08-15T05:27:12.000000Z
   Duration: 00:04:16.00, start: 0.000000, bitrate: 0 kb/s
   Stream #0:0[0x1]: Audio: pcm_u8 (raw  / 0x20776172), 12328 Hz, 255
 channels, u8, 25149 kb/s (default)
     Metadata:
       handler_name    : 0000000000000
       vendor_id       : [0][0][0][0]
   Stream #0:1[0x1](lap): Audio: mpeg2video (mp4a / 0x6134706D), 12336 Hz,
 12336 channels (default)
     Metadata:
       creation_time   : 2014-02-23T23:09:36.000000Z
       handler_name    : 0000000000000
       vendor_id       : [0][0]0[0]
     Side data:
       unknown side data type 24 (84 bytes)
 Stream mapping:
   Stream #0:0 -> #0:0 (pcm_u8 (native) -> pcm_s16le (native))
 Press [q] to stop, [?] for help
 [pcm_u8 @ 0x4b533c0] Multiple frames in a packet.
 [auto_aresample_0 @ 0x4ba4680] [SWR @ 0x4ba47c0] Input channel layout "255
 channels" is invalid or unsupported.
 [auto_aresample_0 @ 0x4ba4680] [SWR @ 0x4ba47c0] Output channel layout
 "255 channels" is invalid or unsupported.
 Assertion ctx->channels == out->ch_count failed at
 libswresample/audioconvert.c:202
 [1]    255437 abort      ./ffmpeg -f mp4 -i ~/ffmpeg_crashes/crash1.mp4 -


 ffmpeg version:
 ffmpeg version git-2022-09-05-8913539 Copyright (c) 2000-2022 the FFmpeg
 developers
 built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)


 built on:
 Distributor ID: Ubuntu
 Description:    Ubuntu 18.04.6 LTS
 Release:        18.04
 Codename:       bionic
 }}}
 Patches should be submitted to the ffmpeg-devel mailing list and not this
 bug tracker.

--
-- 
Ticket URL: <https://trac.ffmpeg.org/ticket/9908#comment:1>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list