Context Navigation

#7983 closed defect (fixed)

undefined-behavior at libavcodec/j2kenc.c:524:31

Reported by:	Suhwan	Owned by:
Priority:	minor	Component:	avcodec
Version:	git-master	Keywords:	j2k ubsan
Cc:		Blocked By:
Blocking:		Reproduced by developer:	yes
Analyzed by developer:	no

Description

Summary of the bug:
There're undefined-behaviours at libavcodec/j2kenc.c:524, 530, 528 and one from libavcodec/jpeg2000dwt.c:258:14(left shift of negative value -82)

How to reproduce:

% ffmpeg_g  -y -r 56 -i tmp.avi -map 0 -c:v jpeg2000 -c:a v308 -disposition:a:124 g722 -disposition:s cinepak -vframes 59 -aframes 21 -r 2 -ar 48000 -ac 19 -strict 3 tmp_.adx

ffmpeg version N-94142-g3b2082c663 Copyright (c) 2000-2019 the FFmpeg developers

built with clang version 9.0.0 (https://github.com/llvm/llvm-project.git 442a120567a4bc6c59bc754f9edabfb770086f36)

Patches should be submitted to the ffmpeg-devel mailing list and not this bug tracker.

Attachments (2)

tmp.avi (282.5 KB ) - added by Suhwan 5 years ago.
gdb_log_7983 (13.1 KB ) - added by Suhwan 5 years ago.

Download all attachments as: .zip

Change History (4)

by Suhwan, 5 years ago

Attachment:	tmp.avi added

by Suhwan, 5 years ago

Attachment:	gdb_log_7983 added

comment:1 by Carl Eugen Hoyos, 5 years ago

Component:	undetermined → avcodec
Keywords:	j2k ubsan added; j2kenc removed
Reproduced by developer:	set
Status:	new → open

$ ffmpeg -i tmp.avi -vcodec jpeg2000 -f null -
ffmpeg version N-94148-g4877b5869e Copyright (c) 2000-2019 the FFmpeg developers
  built with gcc 9 (SUSE Linux)
  configuration: --enable-gpl --toolchain=gcc-usan
  libavutil      56. 30.100 / 56. 30.100
  libavcodec     58. 53.101 / 58. 53.101
  libavformat    58. 28.101 / 58. 28.101
  libavdevice    58.  7.100 / 58.  7.100
  libavfilter     7. 55.100 /  7. 55.100
  libswscale      5.  4.101 /  5.  4.101
  libswresample   3.  4.100 /  3.  4.100
  libpostproc    55.  4.100 / 55.  4.100
Input #0, avi, from 'tmp.avi':
  Duration: 00:00:03.14, start: 0.000000, bitrate: 736 kb/s
    Stream #0:0: Video: indeo4 (IV41 / 0x31345649), yuv410p, 256x240, 731 kb/s, 35 fps, 35 tbr, 35 tbn, 35 tbc
Stream mapping:
  Stream #0:0 -> #0:0 (indeo4 (native) -> jpeg2000 (native))
Press [q] to stop, [?] for help
src/libavcodec/j2kenc.c:524:31: runtime error: left shift of negative value -288
src/libavcodec/j2kenc.c:530:31: runtime error: left shift of negative value -3
src/libavcodec/j2kenc.c:530:31: runtime error: left shift of negative value -3
src/libavcodec/j2kenc.c:528:31: runtime error: left shift of negative value -1
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf58.28.101
    Stream #0:0: Video: jpeg2000, yuv410p, 256x240, q=2-31, 200 kb/s, 35 fps, 35 tbn, 35 tbc
    Metadata:
      encoder         : Lavc58.53.101 jpeg2000
src/libavcodec/jpeg2000dwt.c:258:14: runtime error: left shift of negative value -82
frame=  110 fps= 68 q=-0.0 Lsize=N/A time=00:00:03.14 bitrate=N/A speed=1.94x    
video:1462kB audio:0kB subtitle:0kB other streams:0kB global headers:0kB muxing overhead: unknown

comment:2 by Carl Eugen Hoyos, 4 years ago

Priority:	important → minor
Resolution:	→ fixed
Status:	open → closed

Fixed by Andreas Rheinhardt in 39b60359dbf7936eb1ef6a05b76ea7d821d115f5

Note: See TracTickets for help on using tickets.

Download in other formats: