[FFmpeg-trac] #5211(undetermined:closed): cfhd: crash with fuzzed file 4
FFmpeg
trac at avcodec.org
Wed Feb 3 14:14:30 CET 2016
#5211: cfhd: crash with fuzzed file 4
-------------------------------------+-------------------------------------
Reporter: ami_stuff | Owner:
Type: defect | Status: closed
Priority: normal | Component:
Version: unspecified | undetermined
Keywords: | Resolution: duplicate
Blocking: | Blocked By:
Analyzed by developer: 0 | Reproduced by developer: 0
-------------------------------------+-------------------------------------
Comment (by ami_stuff):
this still crashes here randomly (sometimes it does, sometimes it
doesn't), but with different backtrace
{{{
(gdb) r -threads 2 -i 3_fuzz3.avi -f null -
Starting program: /media/sdb1/ffmpeg/ffmpeg_g -threads 2 -i 3_fuzz3.avi -f
null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
ffmpeg version 2.8.git Copyright (c) 2000-2016 the FFmpeg developers
built with gcc 4.8 (Ubuntu 4.8.4-2ubuntu1~14.04)
configuration: --disable-ffplay --disable-ffprobe --disable-ffserver
--enable-gpl
libavutil 55. 17.100 / 55. 17.100
libavcodec 57. 24.101 / 57. 24.101
libavformat 57. 24.100 / 57. 24.100
libavdevice 57. 0.101 / 57. 0.101
libavfilter 6. 28.100 / 6. 28.100
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100
[cfhd @ 0x9657de0] Too many lowpass coefficients
Input #0, avi, from '3_fuzz3.avi':
Metadata:
date : 2016-01-23T13:45:31+01:00
encoder : Adobe Premiere Pro CC 2015 (Windows)
Duration: 00:00:00.00, start: 0.000000, bitrate: 1240878840 kb/s
Stream #0:0: Video: cfhd (CFHD / 0x44484643), gbrp12le(10 bpc),
720x480, 2145368.28 fps, 2145368.28 tbr, 2145368.28 tbn, 2145368.28 tbc
[New Thread 0xb7daeb40 (LWP 3920)]
[New Thread 0xb75adb40 (LWP 3921)]
[New Thread 0xb6dacb40 (LWP 3922)]
[New Thread 0xb65abb40 (LWP 3923)]
[New Thread 0xb5daab40 (LWP 3924)]
[New Thread 0xb55a9b40 (LWP 3925)]
[New Thread 0xb4da8b40 (LWP 3926)]
Output #0, null, to 'pipe:':
Metadata:
date : 2016-01-23T13:45:31+01:00
encoder : Lavf57.24.100
Stream #0:0: Video: wrapped_avframe, gbrp12le(10 bpc), 720x480,
q=2-31, 200 kb/s, 2145368.28 fps, 2145368.28 tbn, 2145368.28 tbc
Metadata:
encoder : Lavc57.24.101 wrapped_avframe
Stream mapping:
Stream #0:0 -> #0:0 (cfhd (native) -> wrapped_avframe (native))
Press [q] to stop, [?] for help
[cfhd @ 0x9674f00] Too many lowpass coefficients
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Too many lowpass coefficients
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Too many lowpass coefficients
[cfhd @ 0x96754a0] Subband Count of 36 is unsupported
Error while decoding stream #0:0: Invalid argument
Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
welcome
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Invalid bits per channel
[cfhd @ 0x96754a0] Invalid dimensions
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Subband Count of 36 is unsupported
Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
welcome
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9674f00] Invalid dimensions
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Channel Count of 2 is unsupported
[cfhd @ 0x96754a0] No end of header tag found
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Subband Count of 74 is unsupported
[cfhd @ 0x96754a0] No end of header tag found
[cfhd @ 0x9674f00] Invalid subband number actual
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Subband Count of 36 is unsupported
Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
welcome
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
[cfhd @ 0x96754a0] Invalid level
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Too many lowpass coefficients
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Channel Count of 3598 is unsupported
Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
welcome
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9674f00] Sample format of 259 is unsupported
[cfhd @ 0x9674f00] is not implemented. Update your FFmpeg version to the
newest one from Git. If the problem still occurs, it means that your file
has a feature which has not been implemented.
[cfhd @ 0x9674f00] No end of header tag found
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Invalid lowpass width
[cfhd @ 0x9674f00] No end of header tag found
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9674f00] Channel Count of 16387 is unsupported
[cfhd @ 0x9674f00] No end of header tag found
[cfhd @ 0x96754a0] Subband Count of 4132 is unsupported
[cfhd @ 0x96754a0] Invalid dimensions
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96754a0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9674f00] Escape codeword not found, probably corrupt data
[cfhd @ 0x96754a0] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
Program received signal SIGSEGV, Segmentation fault.
0x080e130e in check_output_constraints (ost=0x9672d20, ist=0x9659860)
at ffmpeg.c:1772
1772 int ist_index = input_files[ist->file_index]->ist_index +
ist->st->index;
(gdb) bt
#0 0x080e130e in check_output_constraints (ost=0x9672d20, ist=0x9659860)
at ffmpeg.c:1772
#1 process_input_packet (no_eof=0, pkt=0xbfffe334, ist=0x9659860)
at ffmpeg.c:2415
#2 process_input (file_index=<optimized out>) at ffmpeg.c:3986
#3 0x080e41d0 in transcode_step () at ffmpeg.c:4074
#4 transcode () at ffmpeg.c:4128
#5 0x080c17e5 in main (argc=<optimized out>, argv=<optimized out>)
at ffmpeg.c:4319
(gdb)
}}}
{{{
(gdb) r -threads 3 -i 3_fuzz3.avi -f null -
Starting program: /media/sdb1/ffmpeg/ffmpeg_g -threads 3 -i 3_fuzz3.avi -f
null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
ffmpeg version 2.8.git Copyright (c) 2000-2016 the FFmpeg developers
built with gcc 4.8 (Ubuntu 4.8.4-2ubuntu1~14.04)
configuration: --disable-ffplay --disable-ffprobe --disable-ffserver
--enable-gpl
libavutil 55. 17.100 / 55. 17.100
libavcodec 57. 24.101 / 57. 24.101
libavformat 57. 24.100 / 57. 24.100
libavdevice 57. 0.101 / 57. 0.101
libavfilter 6. 28.100 / 6. 28.100
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100
[cfhd @ 0x9657de0] Too many lowpass coefficients
Input #0, avi, from '3_fuzz3.avi':
Metadata:
date : 2016-01-23T13:45:31+01:00
encoder : Adobe Premiere Pro CC 2015 (Windows)
Duration: 00:00:00.00, start: 0.000000, bitrate: 1240878840 kb/s
Stream #0:0: Video: cfhd (CFHD / 0x44484643), gbrp12le(10 bpc),
720x480, 2145368.28 fps, 2145368.28 tbr, 2145368.28 tbn, 2145368.28 tbc
[New Thread 0xb7daeb40 (LWP 3862)]
[New Thread 0xb75adb40 (LWP 3863)]
[New Thread 0xb6dacb40 (LWP 3864)]
[New Thread 0xb65abb40 (LWP 3865)]
[New Thread 0xb5daab40 (LWP 3866)]
[New Thread 0xb55a9b40 (LWP 3867)]
[New Thread 0xb4da8b40 (LWP 3868)]
[New Thread 0xb45a7b40 (LWP 3869)]
Output #0, null, to 'pipe:':
Metadata:
date : 2016-01-23T13:45:31+01:00
encoder : Lavf57.24.100
Stream #0:0: Video: wrapped_avframe, gbrp12le(10 bpc), 720x480,
q=2-31, 200 kb/s, 2145368.28 fps, 2145368.28 tbn, 2145368.28 tbc
Metadata:
encoder : Lavc57.24.101 wrapped_avframe
Stream mapping:
Stream #0:0 -> #0:0 (cfhd (native) -> wrapped_avframe (native))
Press [q] to stop, [?] for help
[cfhd @ 0x9675040] Too many lowpass coefficients
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675be0] Too many lowpass coefficients
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9675040] Invalid subband number
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96755e0] Too many lowpass coefficients
[cfhd @ 0x9675be0] Subband Count of 36 is unsupported
Error while decoding stream #0:0: Invalid argument
Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
welcome
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Invalid bits per channel
[cfhd @ 0x9675040] Invalid dimensions
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 2 times
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Subband Count of 36 is unsupported
Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
welcome
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9675be0] Invalid dimensions
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 2 times
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675be0] Channel Count of 2 is unsupported
[cfhd @ 0x9675be0] No end of header tag found
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96755e0] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 2 times
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 2 times
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Subband Count of 74 is unsupported
[cfhd @ 0x96755e0] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675be0] Invalid subband number actual
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96755e0] Subband Count of 36 is unsupported
Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
welcome
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Too many lowpass coefficients
[cfhd @ 0x9675be0] Invalid level
Error while decoding stream #0:0: Invalid argument
Last message repeated 2 times
[cfhd @ 0x9675be0] Channel Count of 3598 is unsupported
Error while decoding stream #0:0: Not yet implemented in FFmpeg, patches
welcome
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675be0] Too many highpass coefficents
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 2 times
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 2 times
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Sample format of 259 is unsupported
[cfhd @ 0x9675040] is not implemented. Update your FFmpeg version to the
newest one from Git. If the problem still occurs, it means that your file
has a feature which has not been implemented.
[cfhd @ 0x9675040] No end of header tag found
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
Last message repeated 2 times
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675be0] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Invalid lowpass width
[cfhd @ 0x9675040] No end of header tag found
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x96755e0] Subband Count of 4132 is unsupported
[cfhd @ 0x96755e0] Invalid dimensions
[cfhd @ 0x9675be0] Channel Count of 16387 is unsupported
[cfhd @ 0x9675be0] No end of header tag found
Error while decoding stream #0:0: Invalid argument
Last message repeated 1 times
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9675040] Escape codeword not found, probably corrupt data
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x96755e0] Escape codeword not found, probably corrupt data
[cfhd @ 0x9675be0] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
Program received signal SIGSEGV, Segmentation fault.
0xb7e23b79 in _int_free (av=0xb7f5a420 <main_arena>, p=<optimized out>,
have_lock=0) at malloc.c:3987
3987 malloc.c: No such file or directory.
(gdb) bt
#0 0xb7e23b79 in _int_free (av=0xb7f5a420 <main_arena>, p=<optimized
out>,
have_lock=0) at malloc.c:3987
#1 0x08b4d473 in buffer_replace (src=0x0, dst=0x9674fb0)
at libavutil/buffer.c:119
#2 av_buffer_unref (buf=buf at entry=0x9674fb0) at libavutil/buffer.c:129
#3 0x0836b90a in av_packet_unref (pkt=pkt at entry=0x9674fb0)
at libavcodec/avpacket.c:548
#4 0x08662e14 in submit_packet (avpkt=0xbfffe0ec, p=0x9674ee0)
at libavcodec/pthread_frame.c:340
#5 ff_thread_decode_frame (avctx=avctx at entry=0x9659e80,
picture=picture at entry=0x96761e0,
got_picture_ptr=got_picture_ptr at entry=0xbfffe330,
avpkt=avpkt at entry=0xbfffe0ec) at libavcodec/pthread_frame.c:403
#6 0x0871881f in avcodec_decode_video2 (avctx=0x9659e80,
picture=picture at entry=0x96761e0,
got_picture_ptr=got_picture_ptr at entry=0xbfffe330,
avpkt=avpkt at entry=0xbfffe378) at libavcodec/utils.c:2122
#7 0x080d8e0f in decode_video (ist=ist at entry=0x9659860,
pkt=pkt at entry=0xbfffe378, got_output=got_output at entry=0xbfffe330)
at ffmpeg.c:2075
#8 0x080e1636 in process_input_packet (no_eof=0, pkt=0xbfffe334,
ist=0x9659860) at ffmpeg.c:2324
#9 process_input (file_index=<optimized out>) at ffmpeg.c:3986
---Type <return> to continue, or q <return> to quit---
#10 0x080e41d0 in transcode_step () at ffmpeg.c:4074
#11 transcode () at ffmpeg.c:4128
#12 0x080c17e5 in main (argc=<optimized out>, argv=<optimized out>)
at ffmpeg.c:4319
(gdb)
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/5211#comment:2>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list