Context Navigation

#5497 closed defect (fixed)

dff: deadlock with fuzzed file

Reported by:	ami_stuff	Owned by:
Priority:	important	Component:	avformat
Version:	git-master	Keywords:	iff deadlock
Cc:		Blocked By:
Blocking:		Reproduced by developer:	yes
Analyzed by developer:	no

Description

https://www.datafilehost.com/d/17d49688

(gdb) r -i cut_deadlock_fuzz.dff
Starting program: /media/sdb1/ffmpeg/ffmpeg_g -i cut_deadlock_fuzz.dff
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
ffmpeg version 3.0.git Copyright (c) 2000-2016 the FFmpeg developers
  built with gcc 4.8 (Ubuntu 4.8.4-2ubuntu1~14.04.1)
  configuration: --enable-gpl --disable-ffprobe --disable-ffplay --disable-ffserver
  libavutil      55. 23.100 / 55. 23.100
  libavcodec     57. 38.100 / 57. 38.100
  libavformat    57. 34.103 / 57. 34.103
  libavdevice    57.  0.101 / 57.  0.101
  libavfilter     6. 44.100 /  6. 44.100
  libswscale      4.  1.100 /  4.  1.100
  libswresample   2.  0.101 /  2.  0.101
  libpostproc    54.  0.100 / 54.  0.100

Program received signal SIGINT, Interrupt.
avio_seek (s=s@entry=0x9745a20, offset=<optimized out>, whence=whence@entry=1)
    at libavformat/aviobuf.c:228
228	    if (whence != SEEK_CUR && whence != SEEK_SET)
(gdb) bt
#0  avio_seek (s=s@entry=0x9745a20, offset=<optimized out>, 
    whence=whence@entry=1) at libavformat/aviobuf.c:228
#1  0x0821a287 in avio_skip (s=s@entry=0x9745a20, offset=0)
    at libavformat/aviobuf.c:289
#2  0x0825ab2f in parse_dsd_prop (eof=8796093022360, st=0x973d9e0, s=0x973d1a0)
    at libavformat/iff.c:333
#3  iff_read_header (s=0x973d1a0) at libavformat/iff.c:564
#4  0x0834960d in avformat_open_input (ps=ps@entry=0xbfffeccc, 
    filename=filename@entry=0xbffff33c "cut_deadlock_fuzz.dff", 
    fmt=fmt@entry=0x0, options=0x973d0ec) at libavformat/utils.c:552
#5  0x080d63a5 in open_input_file (o=o@entry=0xbfffed7c, 
    filename=<optimized out>) at ffmpeg_opt.c:949
#6  0x080da66b in open_files (inout=0x8c73202 "input", 
    open_file=0x80d4a80 <open_input_file>, l=<optimized out>, 
    l=<optimized out>) at ffmpeg_opt.c:3003
#7  ffmpeg_parse_options (argc=argc@entry=3, argv=argv@entry=0xbffff144)
    at ffmpeg_opt.c:3040
#8  0x080c8c5a in main (argc=3, argv=0xbffff144) at ffmpeg.c:4321
(gdb)

Attachments (1)

cut_deadlock_fuzz_cut.dff (2.4 MB ) - added by Carl Eugen Hoyos 8 years ago.

Change History (3)

by Carl Eugen Hoyos, 8 years ago

Attachment:	cut_deadlock_fuzz_cut.dff added

comment:1 by Carl Eugen Hoyos, 8 years ago

Component:	undetermined → avformat
Keywords:	iff deadlock added
Priority:	normal → important
Reproduced by developer:	set
Status:	new → open
Version:	unspecified → git-master

comment:2 by Elon Musk, 8 years ago

Resolution:	→ fixed
Status:	open → closed

Fixed in 675cfb2f86a0bd76b0784da0c7ec9a9225e37353.

Note: See TracTickets for help on using tickets.

Download in other formats: