[Libav-user] Array bounds error while reading from ffmpeg data array using Purify

Navin nkipe at tatapowersed.com
Mon Dec 24 06:26:25 CET 2012


Actually I'm giving avpicture_fill a value. I didn't show that bit of 
the code.
    g_pFrameRGB = avcodec_alloc_frame_proc();

But it's strange that purify is showing an error while reading from 
data[0][0]. At least the first value should've been read correctly. Am a 
bit worried about this, since bounds errors would give problems at 
completely unexpected times.
Could anyone help with this? Perhaps you'd get the same error if you try 
even a simple ffmpeg program with Purify.

Navin

On 12/18/2012 2:57 PM, Alex Cohn wrote:
>> So I reduced the code to just this
>> pAreaInMemory[0] = g_pFrameRGB->data[0][0];
>> and I'm still getting the error (which I've shown above).
>> The code goes something like this (I've shown many of the initializations in
>> GetFrame itself although they're supposed to be outside):
>>
>> bool GetFrame()
>> {
>>     ...blah...
>>     AVFrame*  g_pFrameRGB = NULL;
>>     avpicture_fill_proc((AVPicture *) g_pFrameRGB, pbuffer, PIX_FMT_RGB24,
>> g_metadata->WIDTH, g_metadata->HEIGHT);
> avpicture_fill does not expect NULL pointer to AVPicture as first
> parameter. The pointer must be initialized (see doc/examples/muxing.c
> for the correct usage).
>
> BR,
> Alex


I've got a piece of code which extracts every rgb pixel from a video and 
displays it without any problem. But when I ran it with Purify, I got 
these errors:
[E] ABR: Array bounds read in GetFrame {197 occurrences}
         Reading 1 byte from 0x04ae0040 (1 byte at 0x04ae0040 illegal)
         Address 0x04ae0040 is 16 bytes before the beginning of a 1769472 byte block at 0x04ae0050
         Address 0x04ae0040 points to a malloc'd block in heap 0x003a0000
         Thread ID: 0x17c4

So I reduced the code to just this
    pAreaInMemory[0] = g_pFrameRGB->data[0][0];
and I'm still getting the error (which I've shown above).
The code goes something like this (I've shown many of the 
initializations in GetFrame itself although they're supposed to be outside):

bool GetFrame()
{
    ...blah...
    AVFrame*  g_pFrameRGB = NULL;
    avpicture_fill_proc((AVPicture *) g_pFrameRGB, pbuffer, PIX_FMT_RGB24,
                        g_metadata->WIDTH, g_metadata->HEIGHT);
    ...blah...
    sws_scale_proc(g_sws_ctx, (uint8_t const * const *)g_pFrame->data,
                   g_pFrame->linesize, 0, g_metadata->HEIGHT,
                   g_pFrameRGB->data, g_pFrameRGB->linesize );
    ...blah...
    unsigned char* pAreaInMemory = (unsigned char*) malloc( sizeof(unsigned char) * 1024 * 768 );
    ...get the video data here...
    pAreaInMemory[0] = g_pFrameRGB->data[0][0];
    ...blah...
    free(pAreaInMemory);
}

Why is there a bounds problem when reading from data[0][0] ? I noticed 
the way data is initialized in ffmpeg. Is this purify error something I 
can ignore (there's no memory leak. Just the bounds error) or can it 
lead to serious problems?

-- 
Navin
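
An added example, not part of the original message and not FFmpeg code: a self-contained C illustration of the point raised in the reply above, where a fill routine rejects a NULL picture or an undersized buffer and every pixel read is bounds-checked. `Picture`, `rgb24_size`, `picture_fill_rgb24` and `picture_get_rgb24` are hypothetical stand-ins for the real types and calls, and the 1024x576 frame size is constructed sample input.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for AVPicture (not the FFmpeg type). */
typedef struct { uint8_t *data[4]; int linesize[4]; } Picture;

/* Bytes needed for packed RGB24, or 0 on bad dimensions or overflow. */
size_t rgb24_size(int w, int h)
{
    if (w <= 0 || h <= 0 || w > INT_MAX / 3) return 0;
    if ((size_t)w * 3 > SIZE_MAX / (size_t)h) return 0;
    return (size_t)w * 3 * (size_t)h;
}

/* Point pic->data[0] at buf; -1 if pic/buf is NULL or buf is too small. */
int picture_fill_rgb24(Picture *pic, uint8_t *buf, size_t buf_len, int w, int h)
{
    size_t need = rgb24_size(w, h);
    if (!pic || !buf || need == 0 || buf_len < need) return -1;
    for (int i = 0; i < 4; i++) { pic->data[i] = NULL; pic->linesize[i] = 0; }
    pic->data[0] = buf;
    pic->linesize[0] = w * 3;
    return 0;
}

/* Bounds-checked read of channel c (0=R, 1=G, 2=B); -1 if out of range. */
int picture_get_rgb24(const Picture *pic, int w, int h, int x, int y, int c)
{
    if (!pic || !pic->data[0] || !rgb24_size(w, h) || pic->linesize[0] < w * 3) return -1;
    if (x < 0 || y < 0 || x >= w || y >= h || c < 0 || c > 2) return -1;
    return pic->data[0][(size_t)y * (size_t)pic->linesize[0] + (size_t)x * 3 + (size_t)c];
}

int main(void)
{
    enum { W = 1024, H = 576 };              /* constructed sample dimensions */
    size_t len = rgb24_size(W, H);
    uint8_t *buf = calloc(len ? len : 1, 1);
    Picture pic;
    if (!buf || picture_fill_rgb24(&pic, buf, len, W, H) != 0) return 1;
    printf("first byte: %d\n", picture_get_rgb24(&pic, W, H, 0, 0, 0));
    printf("NULL picture rejected: %d\n", picture_fill_rgb24(NULL, buf, len, W, H) == -1);
    printf("x == width rejected: %d\n", picture_get_rgb24(&pic, W, H, W, 0, 0) == -1);
    free(buf);
    return 0;
}
```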

