Opened 9 months ago
Closed 9 months ago
#10866 closed defect (fixed)
speexdec regression
Reported by: | Michael Niedermayer | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | avcodec |
Version: | git-master | Keywords: | |
Cc: | James | Blocked By: | |
Blocking: | 7.0 | Reproduced by developer: | yes |
Analyzed by developer: | no |
Description
Summary of the bug:
out of array accesses
testcase provided to james
this issue is to keep trac of 7.0 blocking issues
Regression since ab39cc36c72bb73318bb911acb66873de850a107.
==18832== Invalid write of size 4
==18832== at 0xD1CFC3: sb_decode (speexdec.c:1260)
==18832== by 0xD1E5EE: speex_decode_frame (speexdec.c:1558)
==18832== by 0x998846: decode_simple_internal (decode.c:430)
==18832== by 0x998DD7: decode_simple_receive_frame (decode.c:609)
==18832== by 0x998F47: decode_receive_frame_internal (decode.c:637)
==18832== by 0x99930C: avcodec_send_packet (decode.c:734)
==18832== by 0x669D2F: try_decode_frame (demux.c:2126)
==18832== by 0x66CAA0: avformat_find_stream_info (demux.c:2809)
==18832== by 0x24E9C2: ifile_open (ffmpeg_demux.c:1663)
==18832== by 0x2755BE: open_files (ffmpeg_opt.c:1333)
==18832== by 0x275780: ffmpeg_parse_options (ffmpeg_opt.c:1373)
==18832== by 0x289702: main (ffmpeg.c:1032)
==18832== Address 0x16a170c0 is 0 bytes after a block of size 1,536 alloc'd
==18832== at 0x4C33E76: memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==18832== by 0x4C33F91: posix_memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==18832== by 0x13E4006: av_malloc (mem.c:105)
==18832== by 0x13BFC1D: av_buffer_alloc (buffer.c:82)
==18832== by 0x13C0665: pool_alloc_buffer (buffer.c:362)
==18832== by 0x13C07E6: av_buffer_pool_get (buffer.c:401)
==18832== by 0xA46052: audio_get_buffer (get_buffer.c:203)
==18832== by 0xA4648D: avcodec_default_get_buffer2 (get_buffer.c:278)
==18832== by 0x99B967: ff_get_buffer (decode.c:1673)
==18832== by 0xD1E52E: speex_decode_frame (speexdec.c:1552)
==18832== by 0x998846: decode_simple_internal (decode.c:430)
==18832== by 0x998DD7: decode_simple_receive_frame (decode.c:609)
==18832== by 0x998F47: decode_receive_frame_internal (decode.c:637)
==18832== by 0x99930C: avcodec_send_packet (decode.c:734)
==18832== by 0x669D2F: try_decode_frame (demux.c:2126)
==18832== by 0x66CAA0: avformat_find_stream_info (demux.c:2809)
==18832== by 0x24E9C2: ifile_open (ffmpeg_demux.c:1663)
==18832== by 0x2755BE: open_files (ffmpeg_opt.c:1333)
==18832== by 0x275780: ffmpeg_parse_options (ffmpeg_opt.c:1373)
==18832== by 0x289702: main (ffmpeg.c:1032)
Change History (2)
comment:1 by , 9 months ago
Cc: | added |
---|---|
Status: | new → open |
comment:2 by , 9 months ago
Resolution: | → fixed |
---|---|
Status: | open → closed |
Fixed by james in 66b50445cb36cf6adb49c2397362509aedb42c71