[Ffmpeg-devel] crash on broken avcC

Derk-Jan Hartman hartman
Thu Aug 24 16:46:25 CEST 2006

This sample:

The avcC atom is size 15, but indicates 0 SPS and PPS (from VLC debug)
[00000530] mp4 private debug: read box: "avcC" version=1 profile=0x4d level=0x33 length size=4 sps=0 pps=0

But this makes libavcodec crash in
static void decode_scaling_matrices(H264Context *h, SPS *sps, PPS *pps, int is_sps,
                                    uint8_t (*scaling_matrix4)[16], uint8_t (*scaling_matrix8)[64]){

On line:
int fallback_sps = !is_sps && sps->scaling_matrix_present;
where is_sps is 0 and sps != NULL

This quite old file is definitely broken and the result of early
development of H264 in VLC, but nonetheless it should not crash if
it indicates 0 SPS and PPS, on a value of sps->scaling_matrix_present.
I suspect uninitialized variables or something? The decoder doesn't
seem to like missing SPS/PPS in general, btw. The NAL parser will
almost always crash eventually in that case.
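
Added example (not part of the original message and not libavcodec code): a bounds-checked validator for the avcC payload that reports a record with no SPS or PPS, like the one in the VLC debug line above, instead of handing it on to a decoder. The function names, result codes and sample bytes are assumptions made for this example; treating "0 SPS or 0 PPS" as an error is this example's policy.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical result codes and struct for this example (not libavcodec's). */
enum { AVCC_OK = 0, AVCC_TRUNCATED = -1, AVCC_BAD_VERSION = -2, AVCC_NO_PARAM_SETS = -3 };
typedef struct { int profile, level, nal_length_size, num_sps, num_pps; } AvccInfo;

/* Constructed samples. sample_empty mirrors the debug line (15-byte box = 8-byte
   header + 7-byte payload); the profile_compatibility byte 0x40 is made up. */
static const uint8_t sample_empty[] = { 0x01, 0x4d, 0x40, 0x33, 0xff, 0xe0, 0x00 };
static const uint8_t sample_valid[] = { 0x01, 0x4d, 0x40, 0x33, 0xff, 0xe1, 0x00, 0x02,
                                        0x67, 0x4d, 0x01, 0x00, 0x02, 0x68, 0xce };
static const uint8_t sample_trunc[] = { 0x01, 0x4d, 0x40, 0x33, 0xff, 0xe1, 0x00, 0x10, 0x67 };

/* Skip `count` 16-bit-length-prefixed parameter sets, bounds-checking each one. */
static int skip_sets(const uint8_t *buf, size_t size, size_t *pos, int count)
{
    for (int i = 0; i < count; i++) {
        if (size - *pos < 2) return AVCC_TRUNCATED;
        size_t len = ((size_t)buf[*pos] << 8) | buf[*pos + 1];
        *pos += 2;
        if (len == 0 || size - *pos < len) return AVCC_TRUNCATED;
        *pos += len;
    }
    return AVCC_OK;
}

/* Validate an avcC payload (box header already stripped); pos never exceeds size. */
int avcc_check(const uint8_t *buf, size_t size, AvccInfo *out)
{
    size_t pos = 6;
    int ret;
    if (size < 7) return AVCC_TRUNCATED;      /* 6 fixed bytes + PPS count byte */
    if (buf[0] != 1) return AVCC_BAD_VERSION;
    out->profile = buf[1];
    out->level = buf[3];
    out->nal_length_size = (buf[4] & 0x03) + 1;
    out->num_sps = buf[5] & 0x1f;
    if ((ret = skip_sets(buf, size, &pos, out->num_sps)) < 0) return ret;
    if (size - pos < 1) return AVCC_TRUNCATED;
    out->num_pps = buf[pos++];
    if ((ret = skip_sets(buf, size, &pos, out->num_pps)) < 0) return ret;
    /* The reported case: record parses cleanly but carries nothing to decode with. */
    if (out->num_sps == 0 || out->num_pps == 0) return AVCC_NO_PARAM_SETS;
    return AVCC_OK;
}

int main(void) { AvccInfo i; return avcc_check(sample_empty, sizeof sample_empty, &i) == AVCC_NO_PARAM_SETS ? 0 : 1; }
```

A caller that gets AVCC_NO_PARAM_SETS knows it has no SPS/PPS and can refuse to decode slices until parameter sets have actually been parsed.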

