Opened 9 years ago
Closed 8 years ago
#5136 closed defect (fixed)
signed integer overflow in update_initial_timestamps()
Reported by: | tsmith | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | avformat |
Version: | git-master | Keywords: | ubsan |
Cc: | | Blocked By: | |
Blocking: | | Reproduced by developer: | no |
Analyzed by developer: | no | | |
Description
Summary of the bug:
UBSan: libavformat/utils.c:925:40: runtime error: signed integer overflow: -9223372036854775806 - 9223090561878065151 cannot be represented in type 'long long'
How to reproduce:
    % ffmpeg -f ivf -i <test_case> -f null -
    ffmpeg version N-77718-g72673ad Copyright (c) 2000-2016 the FFmpeg developers
    built with Ubuntu clang version 3.7.1-svn253742-1~exp1 (branches/release_37) (based on LLVM 3.7.1)
    configuration: --cc=clang --cxx=clang++ --disable-libxcb --disable-xlib --disable-logging --disable-ffprobe --disable-ffplay --disable-sdl --disable-ffserver --disable-doc --disable-pthreads --disable-network --disable-d3d11va --disable-dxva2 --disable-vaapi --disable-vda --disable-vdpau --disable-stripping --disable-runtime-cpudetect --disable-securetransport --disable-iconv
    libavutil 55. 12.100 / 55. 12.100
    libavcodec 57. 22.100 / 57. 22.100
    libavformat 57. 21.101 / 57. 21.101
    libavdevice 57. 0.100 / 57. 0.100
    libavfilter 6. 23.100 / 6. 23.100
    libswscale 4. 0.100 / 4. 0.100
    libswresample 2. 0.101 / 2. 0.101
    [vp9 @ 0x619000005a80] Warning: not compiled with thread support, using thread emulation
    [vp9 @ 0x619000005a80] Invalid compressed header size
    Truncating packet of size 1347813408 to 4
    libavformat/utils.c:925:40: runtime error: signed integer overflow: -9223372036854775806 - 9223090561878065151 cannot be represented in type 'long long'
    #0 0xc368ef in update_initial_timestamps /home/user/code/ffmpeg/libavformat/utils.c:925:40
    #1 0xc3440b in compute_pkt_fields /home/user/code/ffmpeg/libavformat/utils.c:1163:13
    #2 0xc31ef6 in parse_packet /home/user/code/ffmpeg/libavformat/utils.c:1291:9
    #3 0xc11bed in read_frame_internal /home/user/code/ffmpeg/libavformat/utils.c:1406:24
    #4 0xc1e563 in avformat_find_stream_info /home/user/code/ffmpeg/libavformat/utils.c:3293:15
    #5 0x53c6cb in open_input_file /home/user/code/ffmpeg/ffmpeg_opt.c:970:11
    #6 0x53a94f in open_files /home/user/code/ffmpeg/ffmpeg_opt.c:2999:15
    #7 0x53a11c in ffmpeg_parse_options /home/user/code/ffmpeg/ffmpeg_opt.c:3036:11
    #8 0x56f5ab in main /home/user/code/ffmpeg/ffmpeg.c:4292:11
    #9 0x7fac101c9ec4 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
    #10 0x466445 in _start (/home/user/Desktop/ffmpeg/ffmpeg_full+0x466445)
Attachments (1)
Change History (4)
by , 9 years ago
Attachment: | test_case.ivf added |
---|
comment:1 by , 8 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:2 by , 8 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
comment:3 by , 8 years ago
Keywords: | ubsan added |
---|---|
Resolution: | → fixed |
Status: | reopened → closed |
I probably reopened this ticket by mistake; my original patch was:
https://ffmpeg.org/pipermail/ffmpeg-devel/2016-September/199994.html
Fixed in e936c8d176efd1a0a41e22df24564b1178c79ea9
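The class of defect UBSan reports in this ticket is a 64-bit timestamp subtraction whose operands come from untrusted file data. The following is an added example, not FFmpeg's code and not the change made in the commit referenced above: a hypothetical helper `ts_sub_checked()` that tests the operands before subtracting, exercised with the two values from the UBSan message.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical helper (name is an assumption, not an FFmpeg API).
 * Computes a - b into *out without ever evaluating an overflowing
 * signed expression. Returns 0 on success, -1 if a - b does not fit
 * in int64_t, in which case *out is left untouched.
 */
static int ts_sub_checked(int64_t a, int64_t b, int64_t *out)
{
    /* b > 0: result shrinks, so a must be at least INT64_MIN + b.
     * b < 0: result grows,   so a must be at most  INT64_MAX + b.
     * Neither bound computation can itself overflow. */
    if ((b > 0 && a < INT64_MIN + b) ||
        (b < 0 && a > INT64_MAX + b))
        return -1;
    *out = a - b;
    return 0;
}

int main(void)
{
    /* Operands copied from the UBSan message in this ticket. */
    const int64_t lhs = -INT64_C(9223372036854775806);
    const int64_t rhs = INT64_C(9223090561878065151);
    int64_t diff;

    if (ts_sub_checked(lhs, rhs, &diff) < 0)
        printf("rejected: %" PRId64 " - %" PRId64 " overflows int64_t\n",
               lhs, rhs);
    else
        printf("diff = %" PRId64 "\n", diff);

    /* Boundary cases (constructed): the second one just fits. */
    printf("0 - INT64_MIN  -> %d\n", ts_sub_checked(0, INT64_MIN, &diff));
    printf("-1 - INT64_MIN -> %d\n", ts_sub_checked(-1, INT64_MIN, &diff));
    return 0;
}
```

Building a reproducer like this with `-fsanitize=signed-integer-overflow` confirms that the guarded path produces no UBSan report for the ticket's operands.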