Opened 2 weeks ago

Last modified 2 weeks ago

#6804 open defect

Corrupt file crashes ffmpeg with assertion failure.

Reported by: dalecurtis
Owned by:
Priority: important
Component: undetermined
Version: git-master
Keywords: crash abort codecpar regression
Cc:
Blocked By:
Blocking:
Reproduced by developer: yes
Analyzed by developer: no


Using master branch, run ffmpeg -i on the attached file and observe the following:

[ogg @ 0x125f380] Codec not found
[ogg @ 0x125f380] Invalid timing values.
    Last message repeated 1 times
[ogg @ 0x125f380] Header parsing failed for stream 1
[ogg @ 0x125f380] Header parsing failed for stream 2
[ogg @ 0x125f380] Headers mismatch for stream 3: expected 2 received 0.
[ogg @ 0x125f380] New streams are not supposed to be added in between Ogg context save/restore operations.
[ogg @ 0x125f380] failed to create or replace stream
[ogg @ 0x125f380] Codec not found
[ogg @ 0x125f380] Invalid timing values.
Assertion 0 failed at libavcodec/gsm_parser.c:59
Aborted (core dumped)

Seems this should return an error instead of crashing, but the parse() API doesn't seem to provide a way for error codes to be returned.

Attachments (1)

clusterfuzz-testcase-minimized-4580570865860608 (1.4 KB) - added by dalecurtis 2 weeks ago.


Change History (3)

Changed 2 weeks ago by dalecurtis

comment:1 Changed 2 weeks ago by Cigaes

The assert is fine, the execution should not arrive there in the first place.

You should run your fuzzing tests with the highest assert level, it would have triggered an assert failure earlier.

I do not know the Ogg and parser infrastructure well enough to investigate further.
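A small triage helper for runs like the one reported above: it reads the exit status and the "Assertion ... failed at file:line" message the way the log has to be read by hand, and follows the advice in comment:1 to test with every assertion enabled. This is an added example, not code from the ticket or from FFmpeg; it assumes POSIX sh with sed, grep and mktemp, a caller-supplied ffmpeg path, and a binary built with `./configure --assert-level=2`.

```shell
#!/bin/sh
# Added triage helper (not from the ticket or FFmpeg): classifies a fuzz-case
# run from the "Assertion ... failed at file:line" message in stderr and the
# SIGABRT exit status, so a corpus can be sorted without reading every log.
# Assumes POSIX sh with sed, grep and mktemp; ffmpeg path is caller-supplied.
# Per comment:1, build with all asserts first:  ./configure --assert-level=2

# Print the "file:line" of the first assertion failure in an ffmpeg log;
# return 1 (printing nothing) when no assertion fired.
assert_location() {
    sed -n 's/^Assertion .* failed at \([^ ]*:[0-9][0-9]*\)$/\1/p' "$1" \
        | head -n 1 | grep .
}

# Map an exit status to a verdict: 134 is 128+SIGABRT (abort() from a failed
# assert), 0 is a clean run, anything else is the ordinary error return a
# corrupt input should produce.
classify_status() {
    case "$1" in
        0)   echo clean ;;
        134) echo abort ;;
        *)   echo error ;;
    esac
}

# Combine the two: verdict, plus the assertion site when there is one.
verdict_for() {  # $1 = exit status, $2 = stderr log file
    v=$(classify_status "$1")
    if loc=$(assert_location "$2"); then v="$v at $loc"; fi
    echo "$v"
}

# Run one test case (decode to the null muxer so the run is not cut short by
# the "no output file" usage error) and print a one-line verdict.
# Usage: triage_file /path/to/ffmpeg clusterfuzz-testcase
triage_file() {
    log=$(mktemp); status=0
    "$1" -v error -i "$2" -f null - 2>"$log" || status=$?
    echo "$2: $(verdict_for "$status" "$log")"
    rm -f "$log"
}

# Offline check on a constructed log holding the ticket's last three lines.
sample_verdict() {
    log=$(mktemp)
    printf '%s\n' '[ogg @ 0x125f380] Invalid timing values.' \
        'Assertion 0 failed at libavcodec/gsm_parser.c:59' \
        'Aborted (core dumped)' >"$log"
    verdict_for 134 "$log"; rm -f "$log"
}
```

Running `sample_verdict` on the embedded log prints `abort at libavcodec/gsm_parser.c:59`; a fixed build should instead yield `error` with no assertion site.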

comment:2 Changed 2 weeks ago by cehoyos

  • Keywords crash abort codecpar regression added
  • Priority changed from normal to important
  • Reproduced by developer set
  • Status changed from new to open
  • Version changed from unspecified to git-master