Opened 20 months ago

Closed 20 months ago

Last modified 20 months ago

#7472 closed defect (invalid)

double free detected in avcodec_close after rtmp streaming with h264 codec

Reported by: andreanobile
Owned by:
Priority: important
Component: avcodec
Version: unspecified
Keywords:
Cc:
Blocked By:
Blocking:
Reproduced by developer: no
Analyzed by developer: no


Summary of the bug:
How to reproduce:

./streamer <video file>
ffmpeg version: git master

compiled with:
PATH="$HOME/bin:$PATH" PKG_CONFIG_PATH="$HOME/ffmpeg_build/lib/pkgconfig" ./configure   --prefix="$HOME/ffmpeg_build"    --extra-cflags="-I$HOME/ffmpeg_build/include"   --extra-ldflags="-L$HOME/ffmpeg_build/lib"   --extra-libs="-lpthread -lm"   --bindir="$HOME/bin"   --enable-gpl   --enable-libaom   --enable-libass   --enable-libfdk-aac   --enable-libfreetype   --enable-libmp3lame   --enable-libopus   --enable-libvorbis   --enable-libvpx   --enable-libx264   --enable-libx265 --enable-shared  --enable-nonfree --enable-pic --extra-ldexeflags=-pie --pkg-config-flags="--static" --enable-debug && PATH="$HOME/bin:$PATH" make -j4 && make install

address sanitizer output:
==4937==ERROR: AddressSanitizer: attempting double-free on 0x618000001480 in thread T0:
    #0 0x7f33dab397b8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/
    #1 0x7f33d8cb8ff9  (/home/andrea/ffmpeg_build/lib/
    #2 0x7f33d8cd4a4d in avcodec_close (/home/andrea/ffmpeg_build/lib/
    #3 0x5632c2af4406 in Streamer::~Streamer() /home/andrea/computer_vision/streamer/main.cpp:280
    #4 0x5632c2af520e in main /home/andrea/computer_vision/streamer/main.cpp:292
    #5 0x7f33d5ab8b96 in __libc_start_main (/lib/x86_64-linux-gnu/
    #6 0x5632c2af05d9 in _start (/home/andrea/computer_vision/streamer/build/streamer+0x205d9)

0x618000001480 is located 0 bytes inside of 731-byte region [0x618000001480,0x61800000175b)
freed by thread T0 here:
    #0 0x7f33dab397b8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/
    #1 0x7f33d92d3225 in avcodec_parameters_free (/home/andrea/ffmpeg_build/lib/

previously allocated by thread T0 here:
    #0 0x7f33dab3a7a0 in posix_memalign (/usr/lib/x86_64-linux-gnu/
    #1 0x7f33d8566532 in av_malloc (/home/andrea/ffmpeg_build/lib/

SUMMARY: AddressSanitizer: double-free (/usr/lib/x86_64-linux-gnu/ in __interceptor_free

Attachments (2)

main.cpp (8.3 KB) - added by andreanobile 20 months ago.
source code of program
CMakeLists.txt (1.6 KB) - added by andreanobile 20 months ago.
cmake file


Change History (6)

Changed 20 months ago by andreanobile

source code of program

Changed 20 months ago by andreanobile

cmake file

comment:1 Changed 20 months ago by heleppkes

This is the offending line. If you assign the same extradata buffer to both structures, it'll be freed twice. Both of those structures are documented to "own" the extradata buffer, so both of them will free it. Hence, you have to use separate buffers.

avcodec_parameters_from_context will already copy the extradata. I would recommend moving that line to after opening the encoder; then there is no need to manually touch it, and nothing bad happens.

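The ownership rule from comment:1, as an added example that is neither the reporter's main.cpp nor FFmpeg code: a self-contained C model in which `Ctx`, `Params`, `ctx_close`, `params_free`, `params_from_ctx` and the tracking allocator are hypothetical stand-ins for the codec context, the codec parameters and their release functions. It counts the second release instead of performing it, and shows that a deep copy leaves each owner with a buffer of its own.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the two owners: codec context and parameters. */
typedef struct { uint8_t *extradata; int extradata_size; } Ctx, Params;

#define MAX_LIVE 8
static void *live[MAX_LIVE];   /* buffers currently allocated */
static int double_frees;       /* releases of a buffer that is no longer live */

static void *tracked_alloc(size_t n) {
    void *p = calloc(1, n);
    for (int i = 0; p && i < MAX_LIVE; i++)
        if (!live[i]) { live[i] = p; break; }
    return p;
}
static void tracked_free(void *p) {
    if (!p) return;
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return; }
    double_frees++;            /* counted instead of corrupting the heap */
}

static void ctx_close(Ctx *c)      { tracked_free(c->extradata); c->extradata = NULL; }
static void params_free(Params *p) { tracked_free(p->extradata); p->extradata = NULL; }

/* Deep copy, so the parameters get a buffer of their own. */
static int params_from_ctx(Params *p, const Ctx *c) {
    p->extradata = tracked_alloc((size_t)c->extradata_size);
    if (!p->extradata) return -1;
    memcpy(p->extradata, c->extradata, (size_t)c->extradata_size);
    p->extradata_size = c->extradata_size;
    return 0;
}

/* Returns how many double frees occur when both owners are released. */
static int run(int share_buffer) {
    Ctx c = { tracked_alloc(32), 32 };       /* constructed 32-byte extradata */
    Params p = { NULL, 0 };
    double_frees = 0;
    if (!c.extradata) return -1;
    if (share_buffer) p = c;                 /* same pointer in both owners */
    else if (params_from_ctx(&p, &c) < 0) { ctx_close(&c); return -1; }
    params_free(&p);                         /* first free, as in the ASan trace */
    ctx_close(&c);                           /* second free of the shared buffer */
    return double_frees;
}
int main(void) { return (run(1) == 1 && run(0) == 0) ? 0 : 1; }
```

`run(1)` reproduces the shared-pointer case and reports one double free; `run(0)` uses the copy and reports none.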

comment:2 Changed 20 months ago by heleppkes

  • Resolution set to invalid
  • Status changed from new to closed

comment:3 Changed 20 months ago by andreanobile

Thank you!

comment:4 Changed 20 months ago by cehoyos

  • Keywords double free removed