[FFmpeg-devel] [PATCH] lavc/alsdec: allow for predictor orders higher than block length which is valid in ALS.

Michael Niedermayer michael at niedermayer.cc
Thu Nov 10 13:39:24 EET 2016


On Wed, Nov 09, 2016 at 08:02:41PM +0100, Thilo Borgmann wrote:
> Hi,
> 
> fixes ticket #5297 reverting an old commit.
> 
> -Thilo

>  alsdec.c |    6 +-----
>  1 file changed, 1 insertion(+), 5 deletions(-)
> 82dc6f263e8a3f35e5321f355a61b2f3304f531d  0001-lavc-alsdec-allow-for-predictor-orders-higher-than-b.patch
> From 50f62f88696d1401d93c552d52fe1b9c396f8a00 Mon Sep 17 00:00:00 2001
> From: Thilo Borgmann <thilo.borgmann at mail.de>
> Date: Wed, 9 Nov 2016 20:00:02 +0100
> Subject: [PATCH] lavc/alsdec: allow for predictor orders higher than block
>  length which is valid in ALS.
> 
> Reverts: 18f94df8af04f2c02a25a7dec512289feff6517f
> Fixes ticket #5297
> ---
>  libavcodec/alsdec.c | 6 +-----
>  1 file changed, 1 insertion(+), 5 deletions(-)

this causes segfaults:

valgrind ./ffmpeg_g -i abd3c041acbcb816be113455d138166b-asan_heap-oob_b11634_3707_cov_1707137151_als_05_2ch48k16b.mp4 -f null -
==15702== Memcheck, a memory error detector
==15702== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==15702== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==15702== Command: ./ffmpeg_g -i abd3c041acbcb816be113455d138166b-asan_heap-oob_b11634_3707_cov_1707137151_als_05_2ch48k16b.mp4 -f null -
==15702==
[...]

==15702== Invalid read of size 4
==15702==    at 0x792EC8: decode_var_block_data (alsdec.c:931)
==15702==    by 0x7932EE: decode_block (alsdec.c:1029)
==15702==    by 0x7933AC: read_decode_block (alsdec.c:1053)
==15702==    by 0x79356D: decode_blocks_ind (alsdec.c:1100)
==15702==    by 0x795611: read_frame_data (alsdec.c:1640)
==15702==    by 0x795EF6: decode_frame (alsdec.c:1782)
==15702==    by 0xB213E1: avcodec_decode_audio4 (utils.c:2362)
==15702==    by 0xB22E01: do_decode (utils.c:2793)
==15702==    by 0xB231AB: avcodec_send_packet (utils.c:2877)
==15702==    by 0x430FD5: decode (ffmpeg.c:2049)
==15702==    by 0x431135: decode_audio (ffmpeg.c:2079)
==15702==    by 0x432F4D: process_input_packet (ffmpeg.c:2493)
==15702==  Address 0x1067ed10 is 0 bytes after a block of size 6,224 alloc'd
==15702==    at 0x4C2A6C5: memalign (vg_replace_malloc.c:727)
==15702==    by 0x4C2A760: posix_memalign (vg_replace_malloc.c:876)
==15702==    by 0x1063B9F: av_malloc (mem.c:97)
==15702==    by 0x1063E47: av_mallocz (mem.c:254)
==15702==    by 0x790931: av_mallocz_array (mem.h:230)
==15702==    by 0x796EE0: decode_init (alsdec.c:2061)
==15702==    by 0xB1EE96: avcodec_open2 (utils.c:1603)
==15702==    by 0x433E04: init_input_stream (ffmpeg.c:2755)
==15702==    by 0x436A38: transcode_init (ffmpeg.c:3509)
==15702==    by 0x43A3A2: transcode (ffmpeg.c:4395)
==15702==    by 0x43AC2F: main (ffmpeg.c:4629)

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If a bugfix only changes things apparently unrelated to the bug with no
further explanation, that is a good sign that the bugfix is wrong.
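Added illustration, not code from the patch or from FFmpeg's alsdec.c: once a decoder accepts predictor orders above the block length, the prediction loop has to be bounded by the samples actually reconstructed so far in the block, otherwise it reads past the buffer as the valgrind report above shows. Function names, the integer coefficient form and the sample data are hypothetical.

```c
/* Hypothetical progressive LPC reconstruction for one block whose predictor
 * order may be larger than the block length. Not FFmpeg code. */
#include <stdint.h>

/* Reconstruct `len` samples from residuals `res` with `order` predictor
 * coefficients. For sample k only k earlier samples exist in this block,
 * so the tap count is min(k, order); dropping that bound while still
 * allowing order > len is exactly the out-of-bounds read scenario.
 * Coefficients are plain integers (no fixed-point scaling) so the
 * arithmetic is easy to verify by hand. Returns samples written, -1 on
 * bad arguments. */
static int reconstruct_block(int32_t *out, const int32_t *res, int len,
                             const int32_t *coef, int order)
{
    if (len < 0 || order < 0)
        return -1;
    for (int k = 0; k < len; k++) {
        int taps = order < k ? order : k;   /* never index before out[0] */
        int64_t pred = 0;
        for (int j = 0; j < taps; j++)
            pred += (int64_t)coef[j] * out[k - 1 - j];
        out[k] = res[k] + (int32_t)pred;
    }
    return len;
}

/* Constructed case matching the report: a 2-sample block decoded with a
 * 4-tap predictor. Returns sample `idx`, or INT32_MIN for a bad index. */
static int32_t demo_sample(int idx)
{
    static const int32_t res[2]  = { 10, 3 };
    static const int32_t coef[4] = { 2, 1, 1, 1 };
    int32_t out[2];
    if (idx < 0 || idx > 1 || reconstruct_block(out, res, 2, coef, 4) != 2)
        return INT32_MIN;
    return out[idx];
}
```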

