[FFmpeg-trac] #4242(avcodec:new): vp9: deadlock with fuzzed file
FFmpeg
trac at avcodec.org
Sat Jan 10 13:47:32 CET 2015
#4242: vp9: deadlock with fuzzed file
---------------------------------+--------------------------------------
Reporter: tholin | Type: defect
Status: new | Priority: normal
Component: avcodec | Version: git-master
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
---------------------------------+--------------------------------------
The attached file hangs in an infinite loop.
{{{
$ ./ffmpeg -v 9 -loglevel 99 -i ~/fuzz/vp9_parser_infloop.webm
ffmpeg version N-68999-g6f838de Copyright (c) 2000-2015 the FFmpeg developers
built on Jan 10 2015 10:21:01 with gcc 4.8.3 (Gentoo 4.8.3 p1.1, pie-0.5.9)
configuration: --prefix=/home/cocobo/repository/mpv-build_vanilla_debug/build_libs --enable-static --disable-shared --enable-gpl --enable-avresample --enable-debug=gdb --disable-doc --disable-optimizations --disable-stripping
libavutil 54. 16.100 / 54. 16.100
libavcodec 56. 20.100 / 56. 20.100
libavformat 56. 18.100 / 56. 18.100
libavdevice 56. 3.100 / 56. 3.100
libavfilter 5. 7.100 / 5. 7.100
libavresample 2. 1. 0 / 2. 1. 0
libswscale 3. 1.101 / 3. 1.101
libswresample 1. 1.100 / 1. 1.100
libpostproc 53. 3.100 / 53. 3.100
Splitting the commandline.
Reading option '-v' ... matched as option 'v' (set logging level) with
argument '9'.
Reading option '-loglevel' ... matched as option 'loglevel' (set logging
level) with argument '99'.
Reading option '-i' ... matched as input file with argument
'/home/cocobo/fuzz/vp9_parser_infloop.webm'.
Finished splitting the commandline.
Parsing a group of options: global .
Applying option v (set logging level) with argument 9.
Successfully parsed a group of options.
Parsing a group of options: input file
/home/cocobo/fuzz/vp9_parser_infloop.webm.
Successfully parsed a group of options.
Opening an input file: /home/cocobo/fuzz/vp9_parser_infloop.webm.
[matroska,webm @ 0x3bf53a0] Format matroska,webm probed with size=2048 and
score=100
[matroska,webm @ 0x3bf53a0] Unknown entry 0x4C32
Truncating packet of size 1048576 to 14912
[matroska,webm @ 0x3bf53a0] Unknown entry 0x81
[matroska,webm @ 0x3bf53a0] Read error at pos. 171 (0xab)
[matroska,webm @ 0x3bf53a0] Unknown entry 0x82
[matroska,webm @ 0x3bf53a0] Unknown entry 0x84
Truncating packet of size 178937 to 15212
[matroska,webm @ 0x3bf53a0] Unknown entry 0x4C32
Truncating packet of size 1048576 to 14912
[matroska,webm @ 0x3bf53a0] Read error at pos. 1279 (0x4ff)
[matroska,webm @ 0x3bf53a0] Unknown entry 0x93
[matroska,webm @ 0x3bf53a0] Read error at pos. 5142 (0x1416)
[matroska,webm @ 0x3bf53a0] Invalid length 0xffffffffffffff > 0x8 for
syntax element 1
[matroska,webm @ 0x3bf53a0] Invalid length 0x103a31 > 0x8 for syntax
element 1
[matroska,webm @ 0x3bf53a0] Read error at pos. 7775 (0x1e5f)
[matroska,webm @ 0x3bf53a0] Unknown entry 0x91
[matroska,webm @ 0x3bf53a0] Unknown entry 0x63A2
[matroska,webm @ 0x3bf53a0] Unknown entry 0x23E383
[matroska,webm @ 0x3bf53a0] Read error at pos. 8082 (0x1f92)
[matroska,webm @ 0x3bf53a0] Unknown entry 0x7FFF
Last message repeated 1 times
[matroska,webm @ 0x3bf53a0] Read error at pos. 8812 (0x226c)
[matroska,webm @ 0x3bf53a0] Unknown entry 0x7FFF
[matroska,webm @ 0x3bf53a0] Read error at pos. 9990 (0x2706)
[matroska,webm @ 0x3bf53a0] Read error at pos. 10510 (0x290e)
[matroska,webm @ 0x3bf53a0] Unknown entry 0x7FFF
st:0 removing common factor 1000000 from timebase
st:1 removing common factor 1000000 from timebase
st:2 removing common factor 1000000 from timebase
[matroska,webm @ 0x3bf53a0] Unknown or unsupported track type 0
st:3 removing common factor 1000000 from timebase
[matroska,webm @ 0x3bf53a0] Unknown or unsupported track type 0
[matroska,webm @ 0x3bf53a0] Unknown/unsupported AVCodecID V_MS/VFWNFOURCC.
st:4 removing common factor 1000000 from timebase
[matroska,webm @ 0x3bf53a0] Before avformat_find_stream_info() pos: 11541
bytes read:15317 seeks:0
[matroska,webm @ 0x3bf53a0] parser not found for codec none, packets or
times may be invalid.
[vp9 @ 0x3bf79e0] Superframe packet size too big: 196 > 31
[vp9 @ 0x3bf79e0] Superframe packet size too big: 196 > 0
Last message repeated 11977132 times
^C
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/4242>
FFmpeg <https://ffmpeg.org>
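
Added example, not part of the ticket or of FFmpeg's code: when triaging fuzzer hangs like the one logged above, captured ffmpeg stderr can be scanned for a message that repeats back-to-back far beyond a threshold, counting the "Last message repeated N times" lines. The function name, the threshold and the sample (lines copied from the log above) are choices made for this example.

```python
import re

# ffmpeg's logger collapses identical consecutive messages into this line.
REPEAT_RE = re.compile(r"^\s*Last message repeated (\d+) times\s*$")
# "[context @ 0xaddress] message", e.g. "[vp9 @ 0x3bf79e0] ..."
TAGGED_RE = re.compile(r"^\[(?P<ctx>[^\]@]+?) @ 0x[0-9a-fA-F]+\] (?P<msg>.*)$")


def find_log_storms(log_text, threshold=1000):
    """Return [(context, message, count)] for every message that was
    emitted more than `threshold` times in a row."""
    storms = []
    prev = None   # (context, message) of the most recent real log line
    count = 0     # consecutive occurrences of `prev`

    def flush():
        if prev is not None and count > threshold:
            storms.append((prev[0], prev[1], count))

    for line in log_text.splitlines():
        rep = REPEAT_RE.match(line)
        if rep:
            # Repeat marker: add to the run of the previous message.
            if prev is not None:
                count += int(rep.group(1))
            continue
        tagged = TAGGED_RE.match(line)
        key = (tagged.group("ctx"), tagged.group("msg")) if tagged else (None, line.strip())
        if key == prev:
            count += 1
        else:
            flush()
            prev, count = key, 1
    flush()
    return storms


# Sample input: lines copied from the log in this ticket.
SAMPLE = """\
[matroska,webm @ 0x3bf53a0] Unknown entry 0x7FFF
    Last message repeated 1 times
[vp9 @ 0x3bf79e0] Superframe packet size too big: 196 > 31
[vp9 @ 0x3bf79e0] Superframe packet size too big: 196 > 0
    Last message repeated 11977132 times
"""

if __name__ == "__main__":
    for ctx, msg, n in find_log_storms(SAMPLE):
        print(f"possible no-progress loop in [{ctx}]: {msg!r} x{n}")
```

In a fuzzing pipeline this check is run on the stderr of a job that was killed by a wall-clock timeout, so that hangs are grouped by the message that was looping.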