Opened 13 years ago
Closed 13 years ago
#408 closed defect (fixed)
ffmpeg: Invalid read of size 1 in roq_decode_frame
Reported by: | daw | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | undetermined |
Version: | git | Keywords: | |
Cc: | | Blocked By: | |
Blocking: | | Reproduced by developer: | no |
Analyzed by developer: | no | | |
Description
The following file causes a Valgrind warning of out-of-bounds memory access:
```
$ valgrind ./ffmpeg -v 9 -loglevel 99 -i bug1/bad.roq -y -target pal-vcd out
ffmpeg version N-32008-g13e9a0f, Copyright (c) 2000-2011 the FFmpeg developers
  built on Aug 19 2011 23:34:14 with gcc 4.5.1 20100924 (Red Hat 4.5.1-4)
[...]
==9808== Invalid read of size 1
==9808==    at 0x7406EE: roq_decode_frame (roqvideodec.c:78)
==9808==    by 0x7AAAB6: avcodec_decode_video2 (utils.c:769)
==9808==    by 0x435134: output_packet (ffmpeg.c:1627)
==9808==    by 0x4384AC: transcode.clone.11 (ffmpeg.c:2812)
==9808==    by 0x43CB4C: main (ffmpeg.c:4569)
==9808==  Address 0x4eec326 is 0 bytes after a block of size 18,982 alloc'd
==9808==    at 0x4A0473F: memalign (vg_replace_malloc.c:532)
==9808==    by 0x4A04798: posix_memalign (vg_replace_malloc.c:660)
==9808==    by 0x9574A4: av_malloc (mem.c:90)
==9808==    by 0x51793B: av_new_packet (avpacket.c:64)
==9808==    by 0x4E9474: av_get_packet (utils.c:270)
==9808==    by 0x4803AD: roq_read_packet (idroqdec.c:157)
==9808==    by 0x4EA183: av_read_packet (utils.c:732)
==9808==    by 0x4EA6C6: read_frame_internal (utils.c:1199)
==9808==    by 0x43820A: transcode.clone.11 (ffmpeg.c:2753)
==9808==    by 0x43CB4C: main (ffmpeg.c:4569)
[...]
```
The input file that triggers this (see attached file) differs by one byte from tests/data/vsynth2/roqav.roq. I'm using the latest from git.
Attachments (2)
input file triggering valgrind warning