Opened 6 years ago

Closed 6 years ago

#1640 closed defect (fixed)

ffplay crashes after seeking in corrupted dvvideo

Reported by: ami_stuff Owned by:
Priority: important Component: avformat
Version: git-master Keywords: crash SIGSEGV dv
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

please seek a few times to reproduce (maybe invalid read)

(gdb) r dvvideo.avi
Starting program: d:\mingw\msys\1.0\ffmpeg-head-70f0ffa\ffplay_g.exe dvvideo.avi

[New Thread 1148.0x18c]
[New Thread 1148.0x7c0]
[New Thread 1148.0x5b8]
[New Thread 1148.0x5a8]
[New Thread 1148.0x150]
[New Thread 1148.0x148]
[New Thread 1148.0x42c]
[New Thread 1148.0x7d0]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1148.0x5b8]
0x0049b7f9 in ff_dv_offset_reset (c=0x48b0e20, frame_offset=171)
    at libavformat/dv.c:423
423             c->abytes= av_rescale_q(c->frames, c->sys->time_base,
(gdb) bt
#0  0x0049b7f9 in ff_dv_offset_reset (c=0x48b0e20, frame_offset=171)
    at libavformat/dv.c:423
#1  0x0048fa85 in avi_read_seek (s=0x48a0060, stream_index=0, timestamp=171,
    flags=1) at libavformat/avidec.c:1474
#2  0x00470ff6 in seek_frame_internal (s=0x48a0060, stream_index=0,
    timestamp=171, flags=1) at libavformat/utils.c:1961
#3  0x0047162f in av_seek_frame (flags=1, timestamp=6829111, stream_index=-1,
    s=0x48a0060) at libavformat/utils.c:1985
#4  avformat_seek_file (s=0x48a0060, stream_index=-1,
    min_ts=-9223372036854775808, ts=6829111, max_ts=9223372036854775807,
    flags=0) at libavformat/utils.c:2014
#5  0x00406a90 in read_thread (arg=0x45a0040) at ffplay.c:2486
#6  0x681097ee in SDL_RunThread (data=0x42cfbd8)
    at ./src/thread/SDL_thread.c:204
#7  0x681327d3 in RunThread (data=0x42cfcd8)
    at ./src/thread/win32/SDL_systhread.c:74
#8  RunThreadViaBeginThreadEx (data=0x42cfcd8)
    at ./src/thread/win32/SDL_systhread.c:95
#9  0x77c2a3b0 in msvcrt!_endthreadex () from C:\WINDOWS\system32\msvcrt.dll
#10 0x7c80b729 in KERNEL32!GetModuleFileNameA ()
   from C:\WINDOWS\system32\kernel32.dll
#11 0x00000000 in ?? ()
(gdb)

Change History (3)

comment:2 Changed 6 years ago by cehoyos

  • Component changed from undetermined to avformat
  • Keywords crash SIGSEGV dv added
  • Priority changed from normal to important
  • Reproduced by developer set
  • Status changed from new to open
  • Version changed from unspecified to git-master

Reproducible with for example only back-seeks.

comment:3 Changed 6 years ago by michael

  • Resolution set to fixed
  • Status changed from open to closed
Note: See TracTickets for help on using tickets.