[FFmpeg-trac] #5132(avformat:new): signed integer overflow in avformat_find_stream_info()
FFmpeg
trac at avcodec.org
Thu Jan 7 03:05:38 CET 2016
#5132: signed integer overflow in avformat_find_stream_info()
----------------------------------+--------------------------------------
Reporter: tsmith | Type: defect
Status: new | Priority: normal
Component: avformat | Version: git-master
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
----------------------------------+--------------------------------------
Summary of the bug:
UBSan: libavformat/utils.c:3498:49: runtime error: signed integer overflow: 2045163756 * 2 cannot be represented in type 'int'
How to reproduce:
{{{
% ffmpeg -f ivf -i <test_case> -f null -
ffmpeg version N-77718-g72673ad Copyright (c) 2000-2016 the FFmpeg developers
built with Ubuntu clang version 3.7.1-svn253742-1~exp1 (branches/release_37) (based on LLVM 3.7.1)
configuration: --cc=clang --cxx=clang++ --disable-libxcb --disable-xlib --disable-logging --disable-ffprobe --disable-ffplay --disable-sdl --disable-ffserver --disable-doc --disable-pthreads --disable-network --disable-d3d11va --disable-dxva2 --disable-vaapi --disable-vda --disable-vdpau --disable-stripping --disable-runtime-cpudetect --disable-securetransport --disable-iconv
libavutil 55. 12.100 / 55. 12.100
libavcodec 57. 22.100 / 57. 22.100
libavformat 57. 21.101 / 57. 21.101
libavdevice 57. 0.100 / 57. 0.100
libavfilter 6. 23.100 / 6. 23.100
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.101 / 2. 0.101
st:0 has too large timebase, reducing
...full output attached...
libavformat/utils.c:3498:49: runtime error: signed integer overflow: 2045163756 * 2 cannot be represented in type 'int'
#0 0xc23ac9 in avformat_find_stream_info /home/user/code/ffmpeg/libavformat/utils.c:3498:49
#1 0x53c6cb in open_input_file /home/user/code/ffmpeg/ffmpeg_opt.c:970:11
#2 0x53a94f in open_files /home/user/code/ffmpeg/ffmpeg_opt.c:2999:15
#3 0x53a11c in ffmpeg_parse_options /home/user/code/ffmpeg/ffmpeg_opt.c:3036:11
#4 0x56f5ab in main /home/user/code/ffmpeg/ffmpeg.c:4292:11
#5 0x7f5daa759ec4 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
#6 0x466445 in _start (/home/user/Desktop/ffmpeg/ffmpeg_full+0x466445)
}}}
Patches should be submitted to the ffmpeg-devel mailing list and not this
bug tracker.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/5132>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker