[FFmpeg-trac] #10317(ffmpeg:new): Segmentation violation in ffmpeg (lame_window_init libavcodec/aacpsy.c:270)

FFmpeg trac at avcodec.org
Wed Apr 12 13:28:09 EEST 2023


#10317: Segmentation violation in ffmpeg (lame_window_init libavcodec/aacpsy.c:270)
-------------------------------------+-------------------------------------
             Reporter:  Youngseok    |                     Type:  defect
  Choi                               |
               Status:  new          |                 Priority:  normal
            Component:  ffmpeg       |                  Version:  git-
             Keywords:  fuzzing,     |  master
  SIGSEGV                            |               Blocked By:
             Blocking:               |  Reproduced by developer:  0
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------
 Hi, our fuzzer found a new SEGV bug in ffmpeg.

 **Command Input**

 {{{
 ffmpeg -i poc_file -q 8M .mpd
 }}}

 poc_file is attached!

 **Command Output**
 {{{
 ffmpeg version N-110167-g97c95961f0 Copyright (c) 2000-2023 the FFmpeg developers
   built with gcc 7 (Ubuntu 7.5.0-3ubuntu1~18.04)
   configuration: --prefix=/home/youngseok/subjects/latest_asan_install/ffmpeg --extra-cflags='-fsanitize=address -g -O0' --extra-cxxflags='-fsanitize=address -g -O0' --extra-ldflags='-fsanitize=address -g -O0' --disable-optimizations --disable-stripping
   libavutil      58.  5.100 / 58.  5.100
   libavcodec     60.  9.100 / 60.  9.100
   libavformat    60.  4.101 / 60.  4.101
   libavdevice    60.  2.100 / 60.  2.100
   libavfilter     9.  5.100 /  9.  5.100
   libswscale      7.  2.100 /  7.  2.100
   libswresample   4. 11.100 /  4. 11.100
 [ea_cdata @ 0x617000000080] Format ea_cdata detected only with low score of 12, misdetection possible!
 [aist#0:0/adpcm_ea_xas @ 0x616000000980] Guessed Channel Layout: stereo
 Input #0, ea_cdata, from '/home/youngseok/data/230411/asan_inter_30_30_shrink5_1_230308/ffmpeg/1_id:000033/poc_file':
   Duration: N/A, start: 0.000000, bitrate: N/A
   Stream #0:0: Audio: adpcm_ea_xas, 108 Hz, 2 channels, s16p
 Stream mapping:
   Stream #0:0 -> #0:0 (adpcm_ea_xas (native) -> aac (native))
 Press [q] to stop, [?] for help
 [ea_cdata @ 0x617000000080] Packet corrupt (stream = 0, dts = NOPTS).
 [in#0/ea_cdata @ 0x612000000040] corrupt input packet in stream 0
 [aac @ 0x619000001e80] Too many bits 17832.925170 > 12288 per frame requested, clamping to max
 }}}

 **Stack Trace** (ASan)
 {{{
 ==14366==ERROR: AddressSanitizer: SEGV on unknown address 0x55555d125164 (pc 0x55555883bf4a bp 0x7fffffffd150 sp 0x7fffffffd130 T0)
 ==14366==The signal is caused by a READ memory access.
     #0 0x55555883bf49 in lame_window_init libavcodec/aacpsy.c:270
     #1 0x55555883db76 in psy_3gpp_init libavcodec/aacpsy.c:379
     #2 0x555558731ce5 in ff_psy_init libavcodec/psymodel.c:69
     #3 0x555558183116 in aac_encode_init libavcodec/aacenc.c:1365
     #4 0x555556b4b313 in avcodec_open2 libavcodec/avcodec.c:322
     #5 0x555555b10810 in init_output_stream fftools/ffmpeg.c:3238
     #6 0x555555af527c in init_output_stream_wrapper fftools/ffmpeg.c:739
     #7 0x555555afc26f in reap_filters fftools/ffmpeg.c:1391
     #8 0x555555b1887c in transcode_step fftools/ffmpeg.c:4007
     #9 0x555555b18a9e in transcode fftools/ffmpeg.c:4044
     #10 0x555555b196f8 in main fftools/ffmpeg.c:4182
     #11 0x7ffff5601c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
     #12 0x555555a84499 in _start (/home/youngseok/subjects/latest_asan_install/ffmpeg/bin/ffmpeg+0x530499)
 }}}

 **Environment**

 Built with address sanitizer.
 {{{
 ffmpeg version N-110167-g97c95961f0 Copyright (c) 2000-2023 the FFmpeg developers
   built with gcc 7 (Ubuntu 7.5.0-3ubuntu1~18.04)
   configuration: --prefix=/home/youngseok/subjects/latest_asan_install/ffmpeg --extra-cflags='-fsanitize=address -g -O0' --extra-cxxflags='-fsanitize=address -g -O0' --extra-ldflags='-fsanitize=address -g -O0' --disable-optimizations --disable-stripping
 }}}
-- 
Ticket URL: <https://trac.ffmpeg.org/ticket/10317>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker