Opened 5 years ago

Closed 5 years ago

#793 closed defect (fixed)

zzuf .tgv crashes FFMPEG

Reported by: oanastratulat Owned by:
Priority: important Component: avformat
Version: git-master Keywords: electronicarts crash fpe
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

==24745== Memcheck, a memory error detector
==24745== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==24745== Using Valgrind-3.6.1-Debian and LibVEX; rerun with -h for copyright info
==24745== Command: ffmpeg -i corruptfile -f null -
==24745==
ffmpeg version N-35936-gaf3f2a8, Copyright (c) 2000-2011 the FFmpeg developers

built on Dec 19 2011 00:07:16 with gcc 4.6.1
configuration:
libavutil 51. 32. 0 / 51. 32. 0
libavcodec 53. 46. 0 / 53. 46. 0
libavformat 53. 26. 0 / 53. 26. 0
libavdevice 53. 4. 0 / 53. 4. 0
libavfilter 2. 53. 0 / 2. 53. 0
libswscale 2. 1. 0 / 2. 1. 0

==24745==
==24745== Process terminating with default action of signal 8 (SIGFPE)
==24745== Integer divide by zero at address 0x4035F4B0B
==24745== at 0x481DDC: ??? (in /usr/local/bin/ffmpeg)
==24745== by 0x4FCE2E: ??? (in /usr/local/bin/ffmpeg)
==24745== by 0x4FDC86: ??? (in /usr/local/bin/ffmpeg)
==24745== by 0x4FF790: ??? (in /usr/local/bin/ffmpeg)
==24745== by 0x4427CB: ??? (in /usr/local/bin/ffmpeg)
==24745== by 0x446620: ??? (in /usr/local/bin/ffmpeg)
==24745== by 0x446876: ??? (in /usr/local/bin/ffmpeg)
==24745== by 0x438B5C: ??? (in /usr/local/bin/ffmpeg)
==24745== by 0x52F130C: (below main) (libc-start.c:226)
==24745==
==24745== HEAP SUMMARY:
==24745== in use at exit: 189,640 bytes in 23 blocks
==24745== total heap usage: 30 allocs, 7 frees, 224,560 bytes allocated
==24745==
==24745== LEAK SUMMARY:
==24745== definitely lost: 0 bytes in 0 blocks
==24745== indirectly lost: 0 bytes in 0 blocks
==24745== possibly lost: 0 bytes in 0 blocks
==24745== still reachable: 189,640 bytes in 23 blocks
==24745== suppressed: 0 bytes in 0 blocks
==24745== Rerun with --leak-check=full to see details of leaked memory
==24745==
==24745== For counts of detected and suppressed errors, rerun with: -v
==24745== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 4 from 4)

Attachments (3)

corruptfile (512.0 KB) - added by oanastratulat 5 years ago.
valgrind (1.9 KB) - added by oanastratulat 5 years ago.
0001-electronicarts-Fix-division-by-zero.-Fixes-Ticket-79.patch (1.0 KB) - added by oanastratulat 5 years ago.
K&R style patch

Download all attachments as: .zip

Change History (6)

Changed 5 years ago by oanastratulat

Changed 5 years ago by oanastratulat

comment:1 Changed 5 years ago by michael

  • Component changed from FFmpeg to avformat
  • Keywords electronicarts added
  • Reproduced by developer set

the bytes variable becomes 0, its not hard to fix but iam not sure which way / where is the best. It seems there are several pathes by which 0 could reach that divission.

comment:2 Changed 5 years ago by cehoyos

  • Keywords crash fpe added
  • Status changed from new to open

Changed 5 years ago by oanastratulat

K&R style patch

comment:3 Changed 5 years ago by michael

  • Resolution set to fixed
  • Status changed from open to closed

Patch applied, bug fixed

Note: See TracTickets for help on using tickets.