[FFmpeg-devel] accessing uninitialized memory in dv.c

Ramiro Polla ramiro.polla
Fri Jan 30 18:30:46 CET 2009


Hi,

I don't know if Roman reads the issue tracker, so I thought it'd be
better to post this on the list.

Running the sample in /MPlayer/incoming/transcodeErrorFfmpegWin/
through valgrind gives some uninitialized memory being used. It seems
to be in the optimized GET_RL_VLC, and since I don't know how that
works, I decided to just report it.

./ffmpeg_g -i ../data/avi_transcode_error_on_windows_build.avi -vframes 1 -y output.avi
==12352== Memcheck, a memory error detector.
==12352== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==12352== Using LibVEX rev 1854, a library for dynamic binary translation.
==12352== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==12352== Using valgrind-3.3.1-Debian, a dynamic binary instrumentation framework.
==12352== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==12352== For more details, rerun with: -v
==12352==
FFmpeg version SVN-r16824, Copyright (c) 2000-2009 Fabrice Bellard, et al.
  configuration: --cc=ccache gcc
  libavutil     49.14. 0 / 49.14. 0
  libavcodec    52.11. 0 / 52.11. 0
  libavformat   52.25. 0 / 52.25. 0
  libavdevice   52. 1. 0 / 52. 1. 0
  built on Jan 28 2009 21:21:58, gcc: 4.3.2
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A1497: dv_decode_ac (dv.c:452)
==12352==    by 0x5A1BB1: dv_decode_video_segment (dv.c:599)
==12352==    by 0x4B20FF: avcodec_default_execute (utils.c:377)
==12352==    by 0x5A5278: dvvideo_decode_frame (dv.c:1156)
==12352==    by 0x4B36DF: avcodec_decode_video (utils.c:508)
==12352==    by 0x4324F8: av_find_stream_info (utils.c:1864)
==12352==    by 0x424333: opt_input_file (ffmpeg.c:2823)
==12352==    by 0x4275F6: parse_options (cmdutils.c:162)
==12352==    by 0x42383E: main (ffmpeg.c:3909)
==12352==
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A14EF: dv_decode_ac (dv.c:457)
==12352==    by 0x5A1BB1: dv_decode_video_segment (dv.c:599)
==12352==    by 0x4B20FF: avcodec_default_execute (utils.c:377)
==12352==    by 0x5A5278: dvvideo_decode_frame (dv.c:1156)
==12352==    by 0x4B36DF: avcodec_decode_video (utils.c:508)
==12352==    by 0x4324F8: av_find_stream_info (utils.c:1864)
==12352==    by 0x424333: opt_input_file (ffmpeg.c:2823)
==12352==    by 0x4275F6: parse_options (cmdutils.c:162)
==12352==    by 0x42383E: main (ffmpeg.c:3909)
==12352==
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A1502: dv_decode_ac (dv.c:458)
==12352==    by 0x5A1BB1: dv_decode_video_segment (dv.c:599)
==12352==    by 0x4B20FF: avcodec_default_execute (utils.c:377)
==12352==    by 0x5A5278: dvvideo_decode_frame (dv.c:1156)
==12352==    by 0x4B36DF: avcodec_decode_video (utils.c:508)
==12352==    by 0x4324F8: av_find_stream_info (utils.c:1864)
==12352==    by 0x424333: opt_input_file (ffmpeg.c:2823)
==12352==    by 0x4275F6: parse_options (cmdutils.c:162)
==12352==    by 0x42383E: main (ffmpeg.c:3909)
==12352==
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A1497: dv_decode_ac (dv.c:452)
==12352==    by 0x5A1D12: dv_decode_video_segment (dv.c:625)
==12352==    by 0x4B20FF: avcodec_default_execute (utils.c:377)
==12352==    by 0x5A5278: dvvideo_decode_frame (dv.c:1156)
==12352==    by 0x4B36DF: avcodec_decode_video (utils.c:508)
==12352==    by 0x4324F8: av_find_stream_info (utils.c:1864)
==12352==    by 0x424333: opt_input_file (ffmpeg.c:2823)
==12352==    by 0x4275F6: parse_options (cmdutils.c:162)
==12352==    by 0x42383E: main (ffmpeg.c:3909)
==12352==
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A14EF: dv_decode_ac (dv.c:457)
==12352==    by 0x5A1D12: dv_decode_video_segment (dv.c:625)
==12352==    by 0x4B20FF: avcodec_default_execute (utils.c:377)
==12352==    by 0x5A5278: dvvideo_decode_frame (dv.c:1156)
==12352==    by 0x4B36DF: avcodec_decode_video (utils.c:508)
==12352==    by 0x4324F8: av_find_stream_info (utils.c:1864)
==12352==    by 0x424333: opt_input_file (ffmpeg.c:2823)
==12352==    by 0x4275F6: parse_options (cmdutils.c:162)
==12352==    by 0x42383E: main (ffmpeg.c:3909)
==12352==
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A1502: dv_decode_ac (dv.c:458)
==12352==    by 0x5A1D12: dv_decode_video_segment (dv.c:625)
==12352==    by 0x4B20FF: avcodec_default_execute (utils.c:377)
==12352==    by 0x5A5278: dvvideo_decode_frame (dv.c:1156)
==12352==    by 0x4B36DF: avcodec_decode_video (utils.c:508)
==12352==    by 0x4324F8: av_find_stream_info (utils.c:1864)
==12352==    by 0x424333: opt_input_file (ffmpeg.c:2823)
==12352==    by 0x4275F6: parse_options (cmdutils.c:162)
==12352==    by 0x42383E: main (ffmpeg.c:3909)
==12352==
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A14CC: dv_decode_ac (dv.c:454)
==12352==    by 0x5A1BB1: dv_decode_video_segment (dv.c:599)
==12352==    by 0x4B20FF: avcodec_default_execute (utils.c:377)
==12352==    by 0x5A5278: dvvideo_decode_frame (dv.c:1156)
==12352==    by 0x4B36DF: avcodec_decode_video (utils.c:508)
==12352==    by 0x4324F8: av_find_stream_info (utils.c:1864)
==12352==    by 0x424333: opt_input_file (ffmpeg.c:2823)
==12352==    by 0x4275F6: parse_options (cmdutils.c:162)
==12352==    by 0x42383E: main (ffmpeg.c:3909)
Input #0, avi, from '../data/avi_transcode_error_on_windows_build.avi':
  Duration: 00:00:01.36, start: 0.000000, bitrate: 30246 kb/s
    Stream #0.0: Video: dvvideo, yuv411p, 720x576, 25.00 tb(r)
    Stream #0.1: Audio: pcm_s16le, 48000 Hz, stereo, s16, 1536 kb/s
Output #0, avi, to 'output.avi':
    Stream #0.0: Video: mpeg4, yuv420p, 720x576, q=2-31, 200 kb/s, 25.00 tb(c)
    Stream #0.1: Audio: mp2, 48000 Hz, stereo, s16, 64 kb/s
Stream mapping:
  Stream #0.0 -> #0.0
  Stream #0.1 -> #0.1
Press [q] to stop encoding
frame=    1 fps=  0 q=5.6 Lsize=      52kB time=0.04 bitrate=10716.4kbits/s
video:42kB audio:1kB global headers:0kB muxing overhead 23.151532%
==12352==
==12352== ERROR SUMMARY: 1328 errors from 7 contexts (suppressed: 8 from 1)
==12352== malloc/free: in use at exit: 987,912 bytes in 11 blocks.
==12352== malloc/free: 410 allocs, 399 frees, 7,418,232 bytes allocated.
==12352== For counts of detected errors, rerun with: -v
==12352== searching for pointers to 11 not-freed blocks.
==12352== checked 3,520,056 bytes.
==12352==
==12352== LEAK SUMMARY:
==12352==    definitely lost: 0 bytes in 0 blocks.
==12352==      possibly lost: 0 bytes in 0 blocks.
==12352==    still reachable: 987,912 bytes in 11 blocks.
==12352==         suppressed: 0 bytes in 0 blocks.
==12352== Rerun with --leak-check=full to see details of leaked memory.

Ramiro Polla
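
A small triage helper for the Memcheck output in this report, added here as an example (it is not part of the original post or of FFmpeg): it groups the reported contexts by innermost frame and lists each one's direct callers. The names `parse_contexts` and `callers_by_fault_site` are made up for this example, and the sample input is trimmed from the log above.

```python
import re
from collections import defaultdict
# Excerpt of the Memcheck output in the report above, trimmed to the two
# innermost frames of three of its seven contexts.
SAMPLE = """\
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A1497: dv_decode_ac (dv.c:452)
==12352==    by 0x5A1BB1: dv_decode_video_segment (dv.c:599)
==12352==
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A1497: dv_decode_ac (dv.c:452)
==12352==    by 0x5A1D12: dv_decode_video_segment (dv.c:625)
==12352==
==12352== Use of uninitialised value of size 8
==12352==    at 0x5A14CC: dv_decode_ac (dv.c:454)
==12352==    by 0x5A1BB1: dv_decode_video_segment (dv.c:599)
"""

PREFIX = re.compile(r"^==\d+==\s?")
FRAME = re.compile(r"^\s+(at|by) 0x[0-9A-Fa-f]+: (.+?) \((.*)\)$")

def parse_contexts(log):
    """Return [(error_header, [(function, location), ...]), ...]."""
    contexts, header, stack = [], None, None
    for raw in log.splitlines():
        m = PREFIX.match(raw)
        if not m:                      # program output interleaved with the log
            continue
        body = raw[m.end():]
        f = FRAME.match(body)
        if f:
            if f.group(1) == "at":     # innermost frame opens a new stack
                stack = []
                contexts.append((header, stack))
            if stack is not None:
                stack.append((f.group(2), f.group(3)))
        else:                          # header line, or blank separator
            header, stack = (body.strip() or header), None
    return contexts

def callers_by_fault_site(contexts):
    """Map each innermost frame to the sorted list of its direct callers."""
    sites = defaultdict(set)
    for _, stack in contexts:
        sites[stack[0]].update(stack[1:2])
    return {site: sorted(callers) for site, callers in sites.items()}

if __name__ == "__main__":
    print(callers_by_fault_site(parse_contexts(SAMPLE)))
```

Run over the full log above, this gives four faulting lines in `dv_decode_ac` (dv.c:452, 454, 457 and 458), reached from the two call sites at dv.c:599 and dv.c:625.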



