Opened 10 years ago

Closed 8 years ago

#2998 closed defect (invalid)

aac: maybe integer overflow

Reported by: ami_stuff Owned by:
Priority: normal Component: undetermined
Version: unspecified Keywords:
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

please run this command:

zzuf -M2000 -c -s8548 -r0.000001:0.6 -S -b9000-25000000 ffmpeg -max_alloc 4000000 -i rv10.rm -f null -

and tell me if it's a bug of ffmpeg (integer overflow or such) or bug of valgrind.

signal 9 doesn't occure at every time (please run zzuf a few times to reproduce this)

I have seen more of similar cases while fuzzing various files.

ffmpeg version 2.0-93439e8 Copyright (c) 2000-2013 the FFmpeg developers
  built on Sep 18 2013 23:23:15 with gcc 4.7 (Debian 4.7.2-5)
  configuration: --disable-yasm --enable-gpl --disable-ffprobe --disable-ffserver
  libavutil      52. 44.100 / 52. 44.100
  libavcodec     55. 31.101 / 55. 31.101
  libavformat    55. 18.100 / 55. 18.100
  libavdevice    55.  3.100 / 55.  3.100
  libavfilter     3. 86.101 /  3. 86.101
  libswscale      2.  5.100 /  2.  5.100
  libswresample   0. 17.103 /  0. 17.103
  libpostproc    52.  3.100 / 52.  3.100
Input #0, rm, from 'v2/rv10.rm':
  Metadata:
    title           : 
    author          : 
    copyright       : 
    comment         : 
    ASMRuleBook     : #($Bandwidth >= 0),Stream1Bandwidth = 320000, Stream0Bandwidth = 1024000;
    Creation Date   : 4/20/2012 16:42:50
    Generated By    : Helix Producer SDK 13.1 for Windows, Build 13.1.1.3436
    Modification Date: 4/20/2012 16:42:50
  Duration: 00:00:12.68, start: 0.000000, bitrate: 1315 kb/s
    Stream #0:0: Video: rv40 (RV40 / 0x30345652), yuv420p, 320x240, 1024 kb/s, 15 fps, 15 tbr, 1k tbn, 1k tbc
    Stream #0:1: Audio: aac (raac / 0x63616172), 44100 Hz, stereo, fltp, 320 kb/s
Output #0, null, to 'pipe:':
  Metadata:
    title           : 
    author          : 
    copyright       : 
    comment         : 
    ASMRuleBook     : #($Bandwidth >= 0),Stream1Bandwidth = 320000, Stream0Bandwidth = 1024000;
    Creation Date   : 4/20/2012 16:42:50
    Generated By    : Helix Producer SDK 13.1 for Windows, Build 13.1.1.3436
    Modification Date: 4/20/2012 16:42:50
    encoder         : Lavf55.18.100
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 320x240, q=2-31, 200 kb/s, 90k tbn, 15 tbc
    Stream #0:1: Audio: pcm_s16le, 44100 Hz, stereo, s16, 1411 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (rv40 -> rawvideo)
  Stream #0:1 -> #0:1 (aac -> pcm_s16le)
Press [q] to stop, [?] for help
[rv40 @ 0x911f800] First slice header is incorrect
[rv40 @ 0x91148a0] Context scratch buffers could not be allocated due to unknown size.
[rv40 @ 0x91148a0] First slice header is incorrect
DTS 1141407872, next:188219 st:1 invalid dropping
PTS 1141407872, next:188219 invalid dropping st:1
[aac @ 0x911b5e0] SSR is not implemented. Update your FFmpeg version to the newest one from Git. If the problem still occurs, it means that your file has a feature which has not been implemented.
[aac @ 0x911b5e0] If you want to help, upload a sample of this file to ftp://upload.ffmpeg.org/MPlayer/incoming/ and contact the ffmpeg-devel mailing list.
Error while decoding stream #0:1: Not yet implemented in FFmpeg, patches welcome
DTS 1141407895, next:188219 st:1 invalid dropping
PTS 1141407895, next:188219 invalid dropping st:1
[aac @ 0x911b5e0] Reserved bit set.
Error while decoding stream #0:1: Invalid data found when processing input
DTS 1141407918, next:188219 st:1 invalid dropping
PTS 1141407918, next:188219 invalid dropping st:1
[aac @ 0x911b5e0] channel element 2.0 is not allocated
Error while decoding stream #0:1: Invalid data found when processing input
DTS 1141407941, next:188219 st:1 invalid dropping
PTS 1141407941, next:188219 invalid dropping st:1
[aac @ 0x911b5e0] channel element 2.14 is not allocated
Error while decoding stream #0:1: Invalid data found when processing input
DTS 1141407964, next:188219 st:1 invalid dropping
PTS 1141407964, next:188219 invalid dropping st:1
[aac @ 0x911b5e0] Reserved bit set.
Error while decoding stream #0:1: Invalid data found when processing input
DTS 1141407987, next:188219 st:1 invalid dropping
PTS 1141407987, next:188219 invalid dropping st:1
[aac @ 0x911b5e0] Sample rate index in program config element does not match the sample rate index configured by the container.
zzuf[s=8548,r=1e-06:0.6]: signal 9 (memory exceeded?)

Attachments (1)

rv10.rm (2.0 MB ) - added by ami_stuff 10 years ago.

Download all attachments as: .zip

Change History (2)

by ami_stuff, 10 years ago

Attachment: rv10.rm added

comment:1 by ami_stuff, 8 years ago

Resolution: invalid
Status: newclosed
Note: See TracTickets for help on using tickets.