[FFmpeg-devel] [PATCH]: avoid sending empty probe data to probing functions

Thomas Hutschenreuther thutschenreuther at mufin.com
Thu Jul 12 15:41:12 CEST 2012

> The calling code is supposed to add 32 null bytes as padding to the probe
> data buffer. AFAICS, adts_aac_probe relies on it (which is a style I do not
> like personally but is perfectly valid in the context of ffmpeg) in a safe
> way.
> Therefore, your post-mortem on the crash you were experiencing seems
> incomplete: if p->buf was NULL, it should not have been, and we need to know
> why; if b->buf was not NULL, it should point to at least 32 bytes of 0, and
> if not we also need to know why.
> Can you point us to a sample that causes the crash you were investigating?

I only experienced this when decoding mpegts-over-ip streams. I have
spent quite some time trying to construct a static file that causes
the various crashes I am experiencing with this, but as of yet without
any luck.

The root cause for the problem looks to be the same as in 
since the substream being probed does not really exist in the input 
ts-stream and seems to originate from a misinterpreted PES packet.

p->buf definitely was 0x0 at the point where the program crashed.
The only reason I can see is that, for a certain stream,
probe_codec(s, st, NULL);

is called on a stream st that only has empty probe_data attached to it.

I am currently trying to produce a core dump with a completely 
unoptimized ffmpeg binary (--disable-asm --disable-yasm --enable-debug=3 
--disable-optimizations). Maybe this helps.

Best regards,

Thomas Hutschenreuther
mufin Development Team
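
A sketch of the padding contract and the empty-probe-data guard discussed in this message, as an added example that is not FFmpeg code and not code from the thread. `ProbeData`, `probe_data_fill`, `toy_adts_probe` and `probe_guarded` are hypothetical names, and the sample bytes are constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define PROBE_PADDING 32 /* padding size stated in the thread */
/* Hypothetical stand-in for the probe data structure (not FFmpeg's own). */
typedef struct { const uint8_t *buf; int buf_size; } ProbeData;

/* Caller side: copy n payload bytes, followed by PROBE_PADDING zero bytes. */
int probe_data_fill(ProbeData *pd, const uint8_t *src, int n)
{
    uint8_t *b;
    pd->buf = NULL; pd->buf_size = 0;
    if (!src || n <= 0) return -1;
    b = calloc((size_t)n + PROBE_PADDING, 1); /* calloc zeroes the padding */
    if (!b) return -1;
    memcpy(b, src, (size_t)n);
    pd->buf = b; pd->buf_size = n;
    return 0;
}

/* Toy probe that reads one byte past the position it is checking, so it
   depends on the padding. It counts ADTS-style sync patterns (0xFF, 0xFx). */
static int toy_adts_probe(const ProbeData *pd)
{
    int hits = 0;
    for (int i = 0; i < pd->buf_size; i++)
        if (pd->buf[i] == 0xFF && (pd->buf[i + 1] & 0xF6) == 0xF0)
            hits++;
    return hits;
}

/* Guarded dispatch: empty probe data never reaches a probing function. */
int probe_guarded(const ProbeData *pd)
{
    if (!pd || !pd->buf || pd->buf_size <= 0)
        return -1;
    return toy_adts_probe(pd);
}

int main(void)
{
    const uint8_t sample[] = { 0x00, 0xFF, 0xF1, 0x50, 0xFF }; /* constructed */
    ProbeData pd;
    if (probe_data_fill(&pd, sample, (int)sizeof sample) != 0) return 1;
    int hits = probe_guarded(&pd);
    free((void *)pd.buf);
    return hits == 1 ? 0 : 1;
}
```

The trailing 0xFF in the sample is the case the padding exists for: the read of the next byte lands in the zeroed padding instead of past the allocation.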

