[FFmpeg-trac] #2961(avcodec:open): indeo4: invalid read
FFmpeg
trac at avcodec.org
Sat Sep 14 13:09:53 CEST 2013
#2961: indeo4: invalid read
-------------------------------------+-------------------------------------
Reporter: ami_stuff | Owner:
Type: defect | Status: open
Priority: important | Component: avcodec
Version: git-master | Resolution:
Keywords: iv41 crash SIGSEGV | Blocked By:
 | Reproduced by developer: 1
Blocking: |
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Changes (by cehoyos):
* status: new => open
* reproduced: 0 => 1
* component: undetermined => avcodec
* priority: normal => important
* version: unspecified => git-master
* keywords: => iv41 crash SIGSEGV
Comment:
{{{
Program received signal SIGSEGV, Segmentation fault.
ff_ivi_decode_frame (avctx=0x16f0360, data=0x16d9040,
got_frame=0x7fffffffd7ec, avpkt=<optimized out>) at
libavcodec/ivi_common.c:1024
1024 if (!ctx->planes[p].bands[0].buf)
(gdb) bt
#0 ff_ivi_decode_frame (avctx=0x16f0360, data=0x16d9040,
got_frame=0x7fffffffd7ec, avpkt=<optimized out>) at
libavcodec/ivi_common.c:1024
#1 0x00000000009da72b in avcodec_decode_video2 (avctx=0x16f0360,
picture=picture@entry=0x16d9040,
got_picture_ptr=got_picture_ptr@entry=0x7fffffffd7ec,
avpkt=avpkt@entry=0x7fffffffda50)
at libavcodec/utils.c:1995
#2 0x000000000046c650 in decode_video (ist=ist@entry=0x16f4220,
pkt=pkt@entry=0x7fffffffda50, got_output=got_output@entry=0x7fffffffd7ec)
at ffmpeg.c:1668
#3 0x000000000046f94f in output_packet (pkt=0x7fffffffd9f0,
ist=0x16f4220) at ffmpeg.c:1866
#4 process_input (file_index=<optimized out>) at ffmpeg.c:3089
#5 0x000000000045da10 in transcode_step () at ffmpeg.c:3185
#6 transcode () at ffmpeg.c:3237
#7 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3415
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x85f7c7 to 0x85f807:
0x000000000085f7c7 <ff_ivi_decode_frame+743>: jl 0x85f7ed <ff_ivi_decode_frame+781>
0x000000000085f7c9 <ff_ivi_decode_frame+745>: push %rax
0x000000000085f7ca <ff_ivi_decode_frame+746>: mov 0x1244(%rdi),%r11d
0x000000000085f7d1 <ff_ivi_decode_frame+753>: test %r11d,%r11d
0x000000000085f7d4 <ff_ivi_decode_frame+756>: jne 0x860876 <ff_ivi_decode_frame+5014>
0x000000000085f7da <ff_ivi_decode_frame+762>: mov 0x1280(%rdi),%rax
0x000000000085f7e1 <ff_ivi_decode_frame+769>: mov $0xbebbb1b7,%r9d
=> 0x000000000085f7e7 <ff_ivi_decode_frame+775>: cmpq $0x0,0x28(%rax)
0x000000000085f7ec <ff_ivi_decode_frame+780>: je 0x85f84e <ff_ivi_decode_frame+878>
0x000000000085f7ee <ff_ivi_decode_frame+782>: mov 0x1290(%rdi),%rax
0x000000000085f7f5 <ff_ivi_decode_frame+789>: cmpq $0x0,0x28(%rax)
0x000000000085f7fa <ff_ivi_decode_frame+794>: je 0x85f84e <ff_ivi_decode_frame+878>
0x000000000085f7fc <ff_ivi_decode_frame+796>: mov 0x12a0(%rdi),%rax
0x000000000085f803 <ff_ivi_decode_frame+803>: cmpq $0x0,0x28(%rax)
End of assembler dump.
(gdb) info register
rax 0x0 0
rbx 0x16d9040 23957568
rcx 0x0 0
rdx 0x0 0
rsi 0x16e47e0 24004576
rdi 0x16f56a0 24073888
rbp 0x7fffffffda50 0x7fffffffda50
rsp 0x7fffffffd420 0x7fffffffd420
r8 0x5 5
r9 0xbebbb1b7 3199971767
r10 0x18 24
r11 0x0 0
r12 0x16f0360 24052576
r13 0x7fffffffda50 140737488345680
r14 0x16f4220 24068640
r15 0x16f4228 24068648
rip 0x85f7e7 0x85f7e7 <ff_ivi_decode_frame+775>
eflags 0x10246 [ PF ZF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2961#comment:1>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker