[FFmpeg-trac] #5495(undetermined:new): dsf: fpe with fuzzed file

FFmpeg trac at avcodec.org
Sat Apr 30 00:42:49 CEST 2016 

#5495: dsf: fpe with fuzzed file
-------------------------------------+-------------------------------------
               Reporter:  ami_stuff  |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  normal     |              Component:
                Version:             |  undetermined
  unspecified                        |               Keywords:
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 https://www.datafilehost.com/d/3e49d49c

 {{{
 (gdb) r -i fpe_fuzz.dsf
 Starting program: /media/sdb1/ffmpeg/ffmpeg_g -i fpe_fuzz.dsf
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
 ffmpeg version 3.0.git Copyright (c) 2000-2016 the FFmpeg developers
   built with gcc 4.8 (Ubuntu 4.8.4-2ubuntu1~14.04.1)
   configuration: --enable-gpl --disable-ffprobe --disable-ffplay
 --disable-ffserver
   libavutil      55. 23.100 / 55. 23.100
   libavcodec     57. 38.100 / 57. 38.100
   libavformat    57. 34.103 / 57. 34.103
   libavdevice    57.  0.101 / 57.  0.101
   libavfilter     6. 44.100 /  6. 44.100
   libswscale      4.  1.100 /  4.  1.100
   libswresample   2.  0.101 /  2.  0.101
   libpostproc    54.  0.100 / 54.  0.100
 [dsf @ 0x973d1a0] Failed to uncompress tag: -3

 Program received signal SIGFPE, Arithmetic exception.
 0x0822f1e8 in dsf_read_header (s=0x973d1a0) at libavformat/dsfdec.c:120
 120         if (st->codecpar->block_align > INT_MAX /
 st->codecpar->channels) {
 (gdb) bt
 #0  0x0822f1e8 in dsf_read_header (s=0x973d1a0) at
 libavformat/dsfdec.c:120
 #1  0x0834960d in avformat_open_input (ps=ps at entry=0xbfffecdc,
     filename=filename at entry=0xbffff346 "fpe_fuzz.dsf", fmt=fmt at entry=0x0,
     options=0x973d0ec) at libavformat/utils.c:552
 #2  0x080d63a5 in open_input_file (o=o at entry=0xbfffed8c,
     filename=<optimized out>) at ffmpeg_opt.c:949
 #3  0x080da66b in open_files (inout=0x8c73202 "input",
     open_file=0x80d4a80 <open_input_file>, l=<optimized out>,
     l=<optimized out>) at ffmpeg_opt.c:3003
 #4  ffmpeg_parse_options (argc=argc at entry=3, argv=argv at entry=0xbffff154)
     at ffmpeg_opt.c:3040
 #5  0x080c8c5a in main (argc=3, argv=0xbffff154) at ffmpeg.c:4321
 (gdb)
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/5495>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list