[FFmpeg-trac] #5099(undetermined:new): dxv: crash with fuzzed file 2

FFmpeg trac at avcodec.org
Mon Dec 21 19:00:23 CET 2015 

#5099: dxv: crash with fuzzed file 2
-------------------------------------+-------------------------------------
               Reporter:  ami_stuff  |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  normal     |              Component:
                Version:             |  undetermined
  unspecified                        |               Keywords:
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 http://www.datafilehost.com/d/20ff4a86

 {{{
 (gdb) r -i 2_fuzz.mov -f null -
 Starting program: /media/sdb1/ffmpeg/ffmpeg_g -i 2_fuzz.mov -f null -
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
 ffmpeg version 2.8.git Copyright (c) 2000-2015 the FFmpeg developers
   built with gcc 4.7 (Debian 4.7.2-4)
   configuration: --enable-gpl --disable-ffprobe --disable-ffplay
   libavutil      55.  7.100 / 55.  7.100
   libavcodec     57. 15.100 / 57. 15.100
   libavformat    57. 17.100 / 57. 17.100
   libavdevice    57.  0.100 / 57.  0.100
   libavfilter     6. 15.100 /  6. 15.100
   libswscale      4.  0.100 /  4.  0.100
   libswresample   2.  0.101 /  2.  0.101
   libpostproc    54.  0.100 / 54.  0.100
 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x9729200] overread end of atom 'stsd' by 256
 bytes
 Input #0, mov,mp4,m4a,3gp,3g2,mj2, from '2_fuzz.mov':
   Metadata:
     major_brand     : qt
     minor_version   : 537199360
     compatible_brands: qt
     creation_time   : 2015-12-21 17:17:04
   Duration: 00:00:12.64, start: 0.000000, bitrate: 6237 kb/s
     Stream #0:0(eng): Video: dxv (DXD3 / 0x33445844), rgba, 320x240,
 1407876 kb/s, 23.97 fps, 23.97 tbr, 1000k tbn, 1000k tbc (default)
     Metadata:
       creation_time   : 2015-12-21 17:17:04
       handler_name    : Procedura obs�ugi skr�t�w danych Apple
       encoder         : DXV 3
 Output #0, null, to 'pipe:':
   Metadata:
     major_brand     : qt
     minor_version   : 537199360
     compatible_brands: qt
     encoder         : Lavf57.17.100
     Stream #0:0(eng): Video: wrapped_avframe, rgba, 320x240, q=2-31, 200
 kb/s, 23.97 fps, 23.97 tbn, 23.97 tbc (default)
     Metadata:
       creation_time   : 2015-12-21 17:17:04
       handler_name    : Procedura obs�ugi skr�t�w danych Apple
       encoder         : Lavc57.15.100 wrapped_avframe
 Stream mapping:
   Stream #0:0 -> #0:0 (dxv (native) -> wrapped_avframe (native))
 Press [q] to stop, [?] for help

 Program received signal SIGSEGV, Segmentation fault.
 0x083d12d9 in dxv_decompress_dxt5 (avctx=avctx at entry=0x972eca0)
     at libavcodec/dxv.c:300
 300                     prev = AV_RL32(ctx->tex_data + 4 * (pos - idx));
 (gdb)
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/5099>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list