Opened 4 years ago

Closed 4 years ago

#6160 closed defect (fixed)

Valgrind error in mpegps_read_header

Reported by: Міхаіл Owned by:
Priority: minor Component: avformat
Version: git-master Keywords: mpegps ubsan
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no


I noticed strange crashes working on my own code and attempted to run it under valgrind. The error reported by the tool is there even with the stock ffmpeg-executable -- without my code in the equation.

How to reproduce:

% valgrind ffmpeg -i robot.avi
ffmpeg version 3.2.4 Copyright (c) 2000-2017 the FFmpeg developers
  built with FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512
==52950== Conditional jump or move depends on uninitialised value(s)
==52950==    at 0x554F02F: mpegps_read_header (mpeg.c:148)
==52950==    by 0x55D43DA: avformat_open_input (utils.c:593)
==52950==    by 0x40F881: ??? (in /opt/bin/ffmpeg)
==52950==    by 0x40F10C: ??? (in /opt/bin/ffmpeg)
==52950==    by 0x40EE93: ??? (in /opt/bin/ffmpeg)
==52950==    by 0x41AC7B: ??? (in /opt/bin/ffmpeg)
==52950==    by 0x408F8E: ??? (in /opt/bin/ffmpeg)
==52950==    by 0x4020FFF: ???

The reported line mpeg.c:148 reads:

    if (!memcmp("IMKH", buffer, 4)) {

Attachments (1)

robot.avi (215.6 KB ) - added by Міхаіл 4 years ago.
The sample input (from php-ffmpeg test_media)

Download all attachments as: .zip

Change History (2)

by Міхаіл, 4 years ago

Attachment: robot.avi added

The sample input (from php-ffmpeg test_media)

comment:1 by Carl Eugen Hoyos, 4 years ago

Keywords: mpegps ubsan added
Priority: normalminor
Resolution: fixed
Status: newclosed
Version: unspecifiedgit-master

I wasn't able to reproduce (and I wonder how memcmp() must be implemented for this issue to occur) but should be fixed in a5c1c7a8b3d13c86b453558628951c3f52054ab4

Note: See TracTickets for help on using tickets.