Opened 3 years ago

Closed 2 years ago

#5510 closed defect (needs_more_info)

Crash when reading a fine in Xine

Reported by: elv13
Owned by:
Priority: normal
Component: undetermined
Version: unspecified
Keywords: crash hevc
Cc:
Blocked By:
Blocking:
Reproduced by developer: no
Analyzed by developer: no

Description

Summary of the bug:
How to reproduce:
play a file

Version:
2.8.7

GDB:
http://pastebin.ca/3591051

Valgrind:
http://pastebin.com/8eCK7dib

Change History (7)

comment:1 Changed 3 years ago by elv13

s/fine/file/

comment:2 Changed 3 years ago by cehoyos

Please test current FFmpeg git head compiled with debug information and provide all necessary information here on the bug tracker; external resources may disappear. See http://ffmpeg.org/bugreports.html for the needed information.

comment:3 follow-up: Changed 3 years ago by elv13

> with debug information

I did compile the latest release with the debug symbols for this bug report

> Please test current FFmpeg git head

Given the bug is actually a GUI-related one, I can't use the command line and this breaks the API/ABI, so I think this is unfortunately not really an option. I think you got enough information.

This is a buffer overflow; it is quite visible in the backtrace. It is potentially a security issue, not only a denial of service one. I did not investigate any further, but I am available if you need me to test patches.

comment:4 in reply to: ↑ 3 Changed 3 years ago by cehoyos

Replying to elv13:

> > with debug information

> I did compile the latest release with the debug symbols for this bug report

I don't understand: Current libavcodec has version 57 but you provided gdb output for version 56.
Please explain.

comment:5 Changed 3 years ago by elv13

> I don't understand: Current libavcodec has version 57 but you provided gdb output for version 56.
> Please explain.

Gentoo ships both 2.8.7 and 3.0.2 as the 2 available latest versions. However, none of the packages I use support (or at least, Gentoo claims they don't) API 57. So 56 is the latest I can use to reproduce the bug.

comment:6 Changed 3 years ago by cehoyos

You have shown a backtrace, but please provide the backtrace together with disassembly and register dump as explained on https://ffmpeg.org/bugreports.html here on the bug tracker; do not use external resources.

Is the crash also reproducible if you compile with --disable-avx2?

comment:7 Changed 2 years ago by cehoyos

  • Resolution set to needs_more_info
  • Status changed from new to closed