[FFmpeg-trac] #3864(undetermined:new): caf: deadlock (fuzzed file)

FFmpeg trac at avcodec.org
Sun Aug 17 11:22:50 CEST 2014


#3864: caf: deadlock (fuzzed file)
-------------------------------------+-------------------------------------
               Reporter:  ami_stuff  |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  normal     |              Component:  undetermined
                Version:  unspecified|               Keywords:
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 http://www.datafilehost.com/d/c026a39d

 {{{
 (gdb) r -i deadf.caf
 Starting program: /media/sdb1/ffmpeg-snapshot/ffmpeg_g -i deadf.caf
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
 ffmpeg version 2.3.git Copyright (c) 2000-2014 the FFmpeg developers
   built on Aug 14 2014 23:56:56 with gcc 4.7 (Debian 4.7.2-5)
   configuration: --disable-yasm --enable-gpl --disable-ffserver --disable-ffprobe
   libavutil      54.  3.100 / 54.  3.100
   libavcodec     56.  0.101 / 56.  0.101
   libavformat    56.  1.100 / 56.  1.100
   libavdevice    56.  0.100 / 56.  0.100
   libavfilter     5.  0.100 /  5.  0.100
   libswscale      3.  0.100 /  3.  0.100
   libswresample   1.  0.100 /  1.  0.100
   libpostproc    53.  0.100 / 53.  0.100
 [caf @ 0x93af340] skipping CAF chunk: 6368716E (chqn), size 12

 Program received signal SIGINT, Interrupt.
 0x089e64eb in av_dict_get (m=0x93a8420,
     key=0xbfffee60
 "d\355\303\373~\362\253\353\333\365e\356\213\367\206\374.\003\r\371\264\002J\366\001\356\372\374C\347I",
 prev=0x0, flags=0)
     at libavutil/dict.c:57
 57                  for (j = 0; av_toupper(s[j]) == av_toupper(key[j]) && key[j]; j++)
 (gdb) bt
 #0  0x089e64eb in av_dict_get (m=0x93a8420,
     key=0xbfffee60
 "d\355\303\373~\362\253\353\333\365e\356\213\367\206\374.\003\r\371\264\002J\366\001\356\372\374C\347I",
 prev=0x0, flags=0)
     at libavutil/dict.c:57
 #1  0x089e65a9 in av_dict_set (pm=pm@entry=0x93af7b4,
     key=key@entry=0xbfffee60
 "d\355\303\373~\362\253\353\333\365e\356\213\367\206\374.\003\r\371\264\002J\366\001\356\372\374C\347I",
     value=value@entry=0xbfffee80 "\367\324\342\062\365n\340", <incomplete
 sequence \344\232>, flags=flags@entry=0) at libavutil/dict.c:72
 #2  0x08195e37 in read_info_chunk (s=s@entry=0x93af340,
     size=<error reading variable: Unhandled dwarf expression opcode 0xfa>)
     at libavformat/cafdec.c:213
 #3  0x08196464 in read_header (s=0x93af340) at libavformat/cafdec.c:285
 #4  0x08294543 in avformat_open_input (ps=ps@entry=0xbffff43c,
     filename=filename@entry=0xbffffb77 "deadf.caf", fmt=fmt@entry=0x0,
     options=0x93a884c) at libavformat/utils.c:437
 #5  0x080be28d in open_input_file (o=o@entry=0xbffff53c,
     filename=<optimized out>) at ffmpeg_opt.c:870
 #6  0x080b7d17 in open_files (inout=inout@entry=0x8a76cbb "input",
     open_file=open_file@entry=0x80bdf90 <open_input_file>,
     l=<error reading variable: Unhandled dwarf expression opcode 0xfa>,
     l=<error reading variable: Unhandled dwarf expression opcode 0xfa>)
     at ffmpeg_opt.c:2670
 ---Type <return> to continue, or q <return> to quit---
 #7  0x080bff09 in ffmpeg_parse_options (argc=argc@entry=3,
     argv=argv@entry=0xbffff9e4) at ffmpeg_opt.c:2707
 #8  0x080af43a in main (argc=3, argv=0xbffff9e4) at ffmpeg.c:3824
 (gdb)
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/3864>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

