[FFmpeg-trac] #2648(avcodec:open): tiff: planar lzw decodes incorrectly

FFmpeg trac at avcodec.org
Thu Jun 6 21:32:06 CEST 2013


#2648: tiff: planar lzw decodes incorrectly
------------------------------------+-----------------------------------
             Reporter:  ami_stuff   |                    Owner:
                 Type:  defect      |                   Status:  open
             Priority:  normal      |                Component:  avcodec
              Version:  git-master  |               Resolution:
             Keywords:  tif         |               Blocked By:
             Blocking:              |  Reproduced by developer:  1
Analyzed by developer:  0           |
------------------------------------+-----------------------------------
Changes (by cehoyos):

 * keywords:   => tif
 * status:  new => open
 * version:  unspecified => git-master
 * component:  undetermined => avcodec
 * reproduced:  0 => 1


Comment:

 Crashes ffplay and valgrind here (similar with --disable-pthreads), no
 backtrace.
 {{{
 $ valgrind ffplay_g -threads 1 per_channel_lzw.tif
 ==7617== Memcheck, a memory error detector
 ==7617== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
 ==7617== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
 ==7617== Command:ffplay_g -threads 1 per_channel_lzw.tif
 ==7617==
 ffplay version N-53878-g00f4998 Copyright (c) 2003-2013 the FFmpeg
 developers
   built on Jun  6 2013 21:28:03 with gcc 4.7 (SUSE Linux)
   configuration: --disable-optimizations --disable-asm
   libavutil      52. 35.100 / 52. 35.100
   libavcodec     55. 15.100 / 55. 15.100
   libavformat    55.  8.102 / 55.  8.102
   libavdevice    55.  2.100 / 55.  2.100
   libavfilter     3. 75.101 /  3. 75.101
   libswscale      2.  3.100 /  2.  3.100
   libswresample   0. 17.102 /  0. 17.102
 Input #0, image2, from 'per_channel_lzw.tif': 0KB sq=    0B f=0/0
   Duration: 00:00:00.04, start: 0.000000, bitrate: N/A    nan    :  0.000
 fd=   0 aq=    0KB vq=    0KB sq=    0B f=0/0
     Stream #0:0: Video: tiff, gbrp, 1024x768, 25 tbr, 25 tbn, 25 tbc
 ==7617== Thread 5:n fd=   0 aq=    0KB vq=    0KB sq=    0B f=0/0
 ==7617== Invalid read of size 1
 ==7617==    at 0xA1D5BF: decode_frame (tiff.c:1199)
 ==7617==    by 0xA3CC4C: avcodec_decode_video2 (utils.c:1951)
 ==7617==    by 0x40BCEA: get_video_frame (ffplay.c:1689)
 ==7617==    by 0x40CA8C: video_thread (ffplay.c:1923)
 ==7617==    by 0x5CCDE95: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
 ==7617==    by 0x5D10CD8: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
 ==7617==    by 0x5F5EE0D: start_thread (in /lib64/libpthread-2.15.so)
 ==7617==    by 0x6B7B2CC: clone (in /lib64/libc-2.15.so)
 ==7617==  Address 0xa13a1f0 is 0 bytes after a block of size 786,448
 alloc'd
 ==7617==    at 0x4C290FE: memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==7617==    by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==7617==    by 0xCE9D7D: av_malloc (mem.c:93)
 ==7617==    by 0xCDC9FC: av_buffer_alloc (buffer.c:70)
 ==7617==    by 0xCDCA61: av_buffer_allocz (buffer.c:83)
 ==7617==    by 0xCDD0F1: pool_alloc_buffer (buffer.c:305)
 ==7617==    by 0xCDD265: av_buffer_pool_get (buffer.c:343)
 ==7617==    by 0xA386C8: video_get_buffer (utils.c:550)
 ==7617==    by 0xA38ADD: avcodec_default_get_buffer2 (utils.c:615)
 ==7617==    by 0xA3946E: get_buffer_internal (utils.c:830)
 ==7617==    by 0xA394D1: ff_get_buffer (utils.c:842)
 ==7617==    by 0xA19B9B: init_image (tiff.c:662)
 ==7617==
 ==7617== Invalid write of size 1
 ==7617==    at 0xA1D5D6: decode_frame (tiff.c:1199)
 ==7617==    by 0xA3CC4C: avcodec_decode_video2 (utils.c:1951)
 ==7617==    by 0x40BCEA: get_video_frame (ffplay.c:1689)
 ==7617==    by 0x40CA8C: video_thread (ffplay.c:1923)
 ==7617==    by 0x5CCDE95: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
 ==7617==    by 0x5D10CD8: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
 ==7617==    by 0x5F5EE0D: start_thread (in /lib64/libpthread-2.15.so)
 ==7617==    by 0x6B7B2CC: clone (in /lib64/libc-2.15.so)
 ==7617==  Address 0xa13a1f0 is 0 bytes after a block of size 786,448
 alloc'd
 ==7617==    at 0x4C290FE: memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==7617==    by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==7617==    by 0xCE9D7D: av_malloc (mem.c:93)
 ==7617==    by 0xCDC9FC: av_buffer_alloc (buffer.c:70)
 ==7617==    by 0xCDCA61: av_buffer_allocz (buffer.c:83)
 ==7617==    by 0xCDD0F1: pool_alloc_buffer (buffer.c:305)
 ==7617==    by 0xCDD265: av_buffer_pool_get (buffer.c:343)
 ==7617==    by 0xA386C8: video_get_buffer (utils.c:550)
 ==7617==    by 0xA38ADD: avcodec_default_get_buffer2 (utils.c:615)
 ==7617==    by 0xA3946E: get_buffer_internal (utils.c:830)
 ==7617==    by 0xA394D1: ff_get_buffer (utils.c:842)
 ==7617==    by 0xA19B9B: init_image (tiff.c:662)
 ==7617==
 ==7617== Invalid read of size 1
 ==7617==    at 0xA1D5D1: decode_frame (tiff.c:1199)
 ==7617==    by 0xA3CC4C: avcodec_decode_video2 (utils.c:1951)
 ==7617==    by 0x40BCEA: get_video_frame (ffplay.c:1689)
 ==7617==    by 0x40CA8C: video_thread (ffplay.c:1923)
 ==7617==    by 0x5CCDE95: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
 ==7617==    by 0x5D10CD8: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
 ==7617==    by 0x5F5EE0D: start_thread (in /lib64/libpthread-2.15.so)
 ==7617==    by 0x6B7B2CC: clone (in /lib64/libc-2.15.so)
 ==7617==  Address 0xa13a1f0 is 0 bytes after a block of size 786,448
 alloc'd
 ==7617==    at 0x4C290FE: memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==7617==    by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==7617==    by 0xCE9D7D: av_malloc (mem.c:93)
 ==7617==    by 0xCDC9FC: av_buffer_alloc (buffer.c:70)
 ==7617==    by 0xCDCA61: av_buffer_allocz (buffer.c:83)
 ==7617==    by 0xCDD0F1: pool_alloc_buffer (buffer.c:305)
 ==7617==    by 0xCDD265: av_buffer_pool_get (buffer.c:343)
 ==7617==    by 0xA386C8: video_get_buffer (utils.c:550)
 ==7617==    by 0xA38ADD: avcodec_default_get_buffer2 (utils.c:615)
 ==7617==    by 0xA3946E: get_buffer_internal (utils.c:830)
 ==7617==    by 0xA394D1: ff_get_buffer (utils.c:842)
 ==7617==    by 0xA19B9B: init_image (tiff.c:662)
 ==7617==
 --7617-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV)
 - exiting
 --7617-- si_code=80;  Faulting address: 0x0;  sp: 0x406539db0
 }}}

-- 
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2648#comment:1>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list