[FFmpeg-trac] #8135(avformat:open): ffprobe of mpd aborts with "pointer being freed was not allocated" in parse_programinformation()
FFmpeg
trac at avcodec.org
Fri Sep 13 20:03:32 EEST 2019
#8135: ffprobe of mpd aborts with "pointer being freed was not allocated" in
parse_programinformation()
-------------------------------------+-------------------------------------
Reporter: npryan | Owner:
Type: defect | Status: open
Priority: important | Component: avformat
Version: git-master | Resolution:
Keywords: dash crash | Blocked By:
abort |
Blocking: | Reproduced by developer: 1
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Changes (by cehoyos):
* keywords: dash crash => dash crash abort
* priority: normal => important
* status: new => open
* reproduced: 0 => 1
Comment:
For future tickets: Please always test `ffmpeg` (unless it does not allow
to reproduce an issue) instead of `ffplay` or `ffprobe` and please provide
the command line you tested together with the complete, uncut console
output to make your tickets valid.
{{{
$ valgrind ffmpeg_g -i master.mpd
==5400== Memcheck, a memory error detector
==5400== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==5400== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright
info
==5400== Command: /mnt/sdb6/cehoyos/android/linux64/ffmpeg_g -i master.mpd
==5400==
ffmpeg version N-94842-ge26fb6a714 Copyright (c) 2000-2019 the FFmpeg
developers
built with clang version 8.0.1 (tags/RELEASE_801/final 366581)
configuration: --cc=clang --enable-gpl --enable-gnutls --enable-libxml2
--enable-libx264 --enable-libx265 --enable-libvpx --enable-libaom
libavutil 56. 35.100 / 56. 35.100
libavcodec 58. 56.101 / 58. 56.101
libavformat 58. 32.104 / 58. 32.104
libavdevice 58. 9.100 / 58. 9.100
libavfilter 7. 58.102 / 7. 58.102
libswscale 5. 6.100 / 5. 6.100
libswresample 3. 6.100 / 3. 6.100
libpostproc 55. 6.100 / 55. 6.100
==5400== Invalid free() / delete / delete[] / realloc()
==5400== at 0x48379AB: free (in /usr/lib64/valgrind/vgpreload_memcheck-
amd64-linux.so)
==5400== by 0x676276: parse_programinformation (dashdec.c:1197)
==5400== by 0x676276: parse_manifest (dashdec.c:1352)
==5400== by 0x674D80: dash_read_header (dashdec.c:2047)
==5400== by 0x779FEE: avformat_open_input (utils.c:631)
==5400== by 0x40BA74: open_input_file (ffmpeg_opt.c:1104)
==5400== by 0x40B28F: open_files (ffmpeg_opt.c:3275)
==5400== by 0x40B0A9: ffmpeg_parse_options (ffmpeg_opt.c:3315)
==5400== by 0x41DDC9: main (ffmpeg.c:4872)
==5400== Address 0x7461b30 is 0 bytes inside a block of size 66 free'd
==5400== at 0x48379AB: free (in /usr/lib64/valgrind/vgpreload_memcheck-
amd64-linux.so)
==5400== by 0x676276: parse_programinformation (dashdec.c:1197)
==5400== by 0x676276: parse_manifest (dashdec.c:1352)
==5400== by 0x674D80: dash_read_header (dashdec.c:2047)
==5400== by 0x779FEE: avformat_open_input (utils.c:631)
==5400== by 0x40BA74: open_input_file (ffmpeg_opt.c:1104)
==5400== by 0x40B28F: open_files (ffmpeg_opt.c:3275)
==5400== by 0x40B0A9: ffmpeg_parse_options (ffmpeg_opt.c:3315)
==5400== by 0x41DDC9: main (ffmpeg.c:4872)
==5400== Block was alloc'd at
==5400== at 0x483677F: malloc (in /usr/lib64/valgrind
/vgpreload_memcheck-amd64-linux.so)
==5400== by 0x4D007B3: xmlBufCreateSize (in
/usr/lib64/libxml2.so.2.9.9)
==5400== by 0x4D516E9: xmlNodeGetContent (in
/usr/lib64/libxml2.so.2.9.9)
==5400== by 0x676217: parse_programinformation (dashdec.c:1181)
==5400== by 0x676217: parse_manifest (dashdec.c:1352)
==5400== by 0x674D80: dash_read_header (dashdec.c:2047)
==5400== by 0x779FEE: avformat_open_input (utils.c:631)
==5400== by 0x40BA74: open_input_file (ffmpeg_opt.c:1104)
==5400== by 0x40B28F: open_files (ffmpeg_opt.c:3275)
==5400== by 0x40B0A9: ffmpeg_parse_options (ffmpeg_opt.c:3315)
==5400== by 0x41DDC9: main (ffmpeg.c:4872)
}}}
Invalid reads and leaks are also reported for this input file.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/8135#comment:2>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list