[FFmpeg-trac] #2998(undetermined:new): aac: maybe integer overflow

FFmpeg trac at avcodec.org
Wed Sep 25 21:08:12 CEST 2013 

#2998: aac: maybe integer overflow
-------------------------------------+-------------------------------------
               Reporter:  ami_stuff  |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  normal     |              Component:
                Version:             |  undetermined
  unspecified                        |               Keywords:
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 please run this command:

 {{{
 zzuf -M2000 -c -s8548 -r0.000001:0.6 -S -b9000-25000000 ffmpeg -max_alloc
 4000000 -i rv10.rm -f null -
 }}}

 and tell me if it's a bug of ffmpeg (integer overflow or such) or bug of
 valgrind.

 signal 9 doesn't occure at every time (please run zzuf a few times to
 reproduce this)

 I have seen more of similar cases while fuzzing various files.

 {{{
 ffmpeg version 2.0-93439e8 Copyright (c) 2000-2013 the FFmpeg developers
   built on Sep 18 2013 23:23:15 with gcc 4.7 (Debian 4.7.2-5)
   configuration: --disable-yasm --enable-gpl --disable-ffprobe --disable-
 ffserver
   libavutil      52. 44.100 / 52. 44.100
   libavcodec     55. 31.101 / 55. 31.101
   libavformat    55. 18.100 / 55. 18.100
   libavdevice    55.  3.100 / 55.  3.100
   libavfilter     3. 86.101 /  3. 86.101
   libswscale      2.  5.100 /  2.  5.100
   libswresample   0. 17.103 /  0. 17.103
   libpostproc    52.  3.100 / 52.  3.100
 Input #0, rm, from 'v2/rv10.rm':
   Metadata:
     title           :
     author          :
     copyright       :
     comment         :
     ASMRuleBook     : #($Bandwidth >= 0),Stream1Bandwidth = 320000,
 Stream0Bandwidth = 1024000;
     Creation Date   : 4/20/2012 16:42:50
     Generated By    : Helix Producer SDK 13.1 for Windows, Build
 13.1.1.3436
     Modification Date: 4/20/2012 16:42:50
   Duration: 00:00:12.68, start: 0.000000, bitrate: 1315 kb/s
     Stream #0:0: Video: rv40 (RV40 / 0x30345652), yuv420p, 320x240, 1024
 kb/s, 15 fps, 15 tbr, 1k tbn, 1k tbc
     Stream #0:1: Audio: aac (raac / 0x63616172), 44100 Hz, stereo, fltp,
 320 kb/s
 Output #0, null, to 'pipe:':
   Metadata:
     title           :
     author          :
     copyright       :
     comment         :
     ASMRuleBook     : #($Bandwidth >= 0),Stream1Bandwidth = 320000,
 Stream0Bandwidth = 1024000;
     Creation Date   : 4/20/2012 16:42:50
     Generated By    : Helix Producer SDK 13.1 for Windows, Build
 13.1.1.3436
     Modification Date: 4/20/2012 16:42:50
     encoder         : Lavf55.18.100
     Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 320x240,
 q=2-31, 200 kb/s, 90k tbn, 15 tbc
     Stream #0:1: Audio: pcm_s16le, 44100 Hz, stereo, s16, 1411 kb/s
 Stream mapping:
   Stream #0:0 -> #0:0 (rv40 -> rawvideo)
   Stream #0:1 -> #0:1 (aac -> pcm_s16le)
 Press [q] to stop, [?] for help
 [rv40 @ 0x911f800] First slice header is incorrect
 [rv40 @ 0x91148a0] Context scratch buffers could not be allocated due to
 unknown size.
 [rv40 @ 0x91148a0] First slice header is incorrect
 DTS 1141407872, next:188219 st:1 invalid dropping
 PTS 1141407872, next:188219 invalid dropping st:1
 [aac @ 0x911b5e0] SSR is not implemented. Update your FFmpeg version to
 the newest one from Git. If the problem still occurs, it means that your
 file has a feature which has not been implemented.
 [aac @ 0x911b5e0] If you want to help, upload a sample of this file to
 ftp://upload.ffmpeg.org/MPlayer/incoming/ and contact the ffmpeg-devel
 mailing list.
 Error while decoding stream #0:1: Not yet implemented in FFmpeg, patches
 welcome
 DTS 1141407895, next:188219 st:1 invalid dropping
 PTS 1141407895, next:188219 invalid dropping st:1
 [aac @ 0x911b5e0] Reserved bit set.
 Error while decoding stream #0:1: Invalid data found when processing input
 DTS 1141407918, next:188219 st:1 invalid dropping
 PTS 1141407918, next:188219 invalid dropping st:1
 [aac @ 0x911b5e0] channel element 2.0 is not allocated
 Error while decoding stream #0:1: Invalid data found when processing input
 DTS 1141407941, next:188219 st:1 invalid dropping
 PTS 1141407941, next:188219 invalid dropping st:1
 [aac @ 0x911b5e0] channel element 2.14 is not allocated
 Error while decoding stream #0:1: Invalid data found when processing input
 DTS 1141407964, next:188219 st:1 invalid dropping
 PTS 1141407964, next:188219 invalid dropping st:1
 [aac @ 0x911b5e0] Reserved bit set.
 Error while decoding stream #0:1: Invalid data found when processing input
 DTS 1141407987, next:188219 st:1 invalid dropping
 PTS 1141407987, next:188219 invalid dropping st:1
 [aac @ 0x911b5e0] Sample rate index in program config element does not
 match the sample rate index configured by the container.
 zzuf[s=8548,r=1e-06:0.6]: signal 9 (memory exceeded?)
 }}}

-- 
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2998>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list