[FFmpeg-trac] #123(FFplay:reopened): Fuzzed sample crashes ffplay

FFmpeg trac at avcodec.org
Fri Jun 8 18:57:45 CEST 2012

#123: Fuzzed sample crashes ffplay
             Reporter:  cehoyos  |                    Owner:  michael
                 Type:  defect   |                   Status:  reopened
             Priority:  normal   |                Component:  FFplay
              Version:  git      |               Resolution:
             Keywords:           |               Blocked By:
             Blocking:           |  Reproduced by developer:  0
Analyzed by developer:  0        |
Changes (by cehoyos):

 * status:  closed => reopened
 * resolution:  fixed =>


 I still get a crash with ffplay with current git master (but no invalid
 access with ffmpeg -f null), unfortunately without a useful backtrace...
 ==18325== Invalid write of size 1
 ==18325==    at 0x40245A7: memcpy (in
 ==18325==    by 0x8747A68: av_image_copy_plane (imgutils.c:239)
 ==18325==    by 0x8747C22: av_image_copy (imgutils.c:273)
 ==18325==    by 0x838356B: av_picture_copy (imgconvert.c:524)
 ==18325==    by 0x804F8EE: queue_picture (ffplay.c:1446)
 ==18325==    by 0x80506EF: video_thread (ffplay.c:1749)
 ==18325==    by 0x40543DA: (within /usr/lib/libSDL-1.2.so.0.11.1)
 ==18325==    by 0x40A22DC: (within /usr/lib/libSDL-1.2.so.0.11.1)
 ==18325==    by 0x40DE191: start_thread (in /lib/libpthread-2.6.1.so)
 ==18325==    by 0x420502D: clone (in /lib/libc-2.6.1.so)
 ==18325==  Address 0xA5460CF is not stack'd, malloc'd or (recently) free'd

Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/123#comment:4>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker