Opened 8 years ago
Closed 8 years ago
#5062 closed defect (invalid)
signed integer overflow in decode_scaling_list
Reported by: | tsmith | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | avcodec |
Version: | git-master | Keywords: | h264 |
Cc: | | Blocked By: | |
Blocking: | | Reproduced by developer: | no |
Analyzed by developer: | no | | |
Description
Summary of the bug:
This is an Undefined behavior sanitizer (UBSan) runtime error.
libavcodec/h264_ps.c:261:30: runtime error: signed integer overflow: 103 + 2147483644 cannot be represented in type 'int'
#0 0x90605e in decode_scaling_list /home/user/code/ffmpeg/libavcodec/h264_ps.c:261:30
#1 0x900e8b in decode_scaling_matrices /home/user/code/ffmpeg/libavcodec/h264_ps.c:291:13
#2 0x8f771d in ff_h264_decode_seq_parameter_set /home/user/code/ffmpeg/libavcodec/h264_ps.c:386:9
#3 0x7a2628 in decode_nal_units /home/user/code/ffmpeg/libavcodec/h264.c:1627:25
#4 0x7b4469 in h264_decode_frame /home/user/code/ffmpeg/libavcodec/h264.c:1840:17
#5 0xe89945 in avcodec_decode_video2 /home/user/code/ffmpeg/libavcodec/utils.c:2105:19
#6 0x756b2d in try_decode_frame /home/user/code/ffmpeg/libavformat/utils.c:2752:19
#7 0x7434ab in avformat_find_stream_info /home/user/code/ffmpeg/libavformat/utils.c:3401:9
#8 0x507779 in open_input_file /home/user/code/ffmpeg/ffmpeg_opt.c:970:11
#9 0x50365f in open_files /home/user/code/ffmpeg/ffmpeg_opt.c:2939:15
#10 0x502706 in ffmpeg_parse_options /home/user/code/ffmpeg/ffmpeg_opt.c:2976:11
#11 0x57ab79 in main /home/user/code/ffmpeg/ffmpeg.c:4273:11
#12 0x7fa992792ec4 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
#13 0x41ad25 in _start (/home/user/Desktop/ffmpeg/ffmpeg_ub+0x41ad25)
How to reproduce:
% ./ffmpeg -v 0 -nostats -f h264 -i test_case.264 -f null -
ffmpeg version N-76984-g259c71c
built on Linux x86_64
Patches should be submitted to the ffmpeg-devel mailing list and not this bug tracker.
Attachments (1)
Change History (2)
by , 8 years ago
Attachment: | test_case.264 added |
---|
comment:1 by , 8 years ago
Keywords: | h264 added |
---|---|
Resolution: | → invalid |
Status: | new → closed |
Same as #5060, can't reproduce with git head.