[FFmpeg-trac] #408(undetermined:new): ffmpeg: Invalid read of size 1 in roq_decode_frame
FFmpeg
trac at avcodec.org
Sat Aug 20 09:44:05 CEST 2011
#408: ffmpeg: Invalid read of size 1 in roq_decode_frame
--------------------------+---------------------
Reporter: daw | Type: defect
Status: new | Priority: normal
Component: undetermined | Version: git
Keywords: | Blocked By:
Blocking: | Reproduced: 0
Analyzed: 0 |
--------------------------+---------------------
The following file causes a Valgrind warning of out-of-bounds memory
access:
{{{
$ valgrind ./ffmpeg -v 9 -loglevel 99 -i bug1/bad.roq -y -target pal-vcd out
ffmpeg version N-32008-g13e9a0f, Copyright (c) 2000-2011 the FFmpeg developers
built on Aug 19 2011 23:34:14 with gcc 4.5.1 20100924 (Red Hat 4.5.1-4)
[...]
==9808== Invalid read of size 1
==9808== at 0x7406EE: roq_decode_frame (roqvideodec.c:78)
==9808== by 0x7AAAB6: avcodec_decode_video2 (utils.c:769)
==9808== by 0x435134: output_packet (ffmpeg.c:1627)
==9808== by 0x4384AC: transcode.clone.11 (ffmpeg.c:2812)
==9808== by 0x43CB4C: main (ffmpeg.c:4569)
==9808== Address 0x4eec326 is 0 bytes after a block of size 18,982 alloc'd
==9808== at 0x4A0473F: memalign (vg_replace_malloc.c:532)
==9808== by 0x4A04798: posix_memalign (vg_replace_malloc.c:660)
==9808== by 0x9574A4: av_malloc (mem.c:90)
==9808== by 0x51793B: av_new_packet (avpacket.c:64)
==9808== by 0x4E9474: av_get_packet (utils.c:270)
==9808== by 0x4803AD: roq_read_packet (idroqdec.c:157)
==9808== by 0x4EA183: av_read_packet (utils.c:732)
==9808== by 0x4EA6C6: read_frame_internal (utils.c:1199)
==9808== by 0x43820A: transcode.clone.11 (ffmpeg.c:2753)
==9808== by 0x43CB4C: main (ffmpeg.c:4569)
[...]
}}}
The input file that triggers this (see attached file) differs by one byte
from tests/data/vsynth2/roqav.roq. I'm using the latest from git.
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/408>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker